
Hot lava: A case study in hunting for network integer arithmetic flaws
We examine the dangers of network integer arithmetic based on a case study of security vulnerabilities reported to the ntop project.
We examine the dangers of network integer arithmetic based on a case study of security vulnerabilities reported to the ntop project.
Join our Capture the Flag challenge to use your CodeQL skills or learn new ones.
See what we announced at our first virtual GitHub Satellite including a full dev environment on GitHub powered by VS Code, a new way to have discussions with your communities, new ways to secure projects with code scanning and secret scanning, and more.
Make better contributions, triage your issues efficiently, save time with saved replies, and more with @bdougie’s protips.
By prioritizing secure development alongside speed, DevSecOps helps you ship safer applications by making security part of your current DevOps pipeline.
GitHub Actions continues its community momentum and ships new features for enterprises and developers.
GitHub Satellite is back, and this year it’s virtual. Tune in at githubsatellite.com on May 6 at 9 am PT / 12 pm ET to hear from CEO Nat Friedman and developers around the world.
Learn more about the security vulnerabilities affecting Git 2.26.1 and older.
A phishing campaign targeting our customers lures GitHub users into providing their credentials (including two-factor authentication codes). Learn more about the threat and what you can do to protect yourself.
Learn more about the security vulnerabilities affecting Git 2.26 and older.
Token leaks are one of the most common security mistakes, and they can have disastrous consequences. GitHub token scanning looks for leaked tokens in public repositories and works with the…
Token leaks are one of the most common security mistakes, and they can have disastrous consequences. GitHub token scanning looks for leaked tokens in public repositories and works with the…
We’ve taken further steps to ensure that our people can be safe and productive wherever they are, and that our community’s home on GitHub remains reliable and resilient.
Starting today, we will assign CVE IDs to security vulnerabilities affecting GitHub Enterprise Server. We will continue to document security fixes in the release notes as they are today, and…
Learn about five more reasons why every enterprise should make innersource a priority in 2020.
IP allow lists are now generally available for GitHub Enterprise Cloud customers – allowing enterprise and organization owners to limit access to enterprise assets to an allowed set of source…
Learn about the top five reasons why leading enterprise organizations are investing in open source.
Starting April 6, 2020, Python 2 will no longer be offered on any hosted virtual environments. Python 2 was sunset on January 1, 2020 and is not being improved or…
We’re excited to share GitHub’s 2019 Transparency Report, a by-the-numbers look at how we handle requests for user data and moderate content on GitHub.
In this deep dive, we cover how our daily schema migrations amounted to a significant toil on the database infrastructure team, and how we searched for a solution to automate the manual parts of the process.
Build what’s next on GitHub, the place for anyone from anywhere to build anything.
Last chance: Save $700 on your IRL pass to Universe and join us on Oct. 28-29 in San Francisco.