In March, JFrog Security Research documented a malware campaign titled GhostClaw/GhostLoader. Since the original ...

When you're ready to deposit your data for sharing and archiving, look into whether there is already a repository in your field where the most likely users of your data would look. The following sites ...

If you’re a GitHub user, but you don’t pay, this is a good week. Historically, GitHub always offered free accounts but the caveat was that your code had to be public. To get private repositories, you ...

Monorepos, or monolithic repositories, refer to a software development strategy where code for many projects is stored in a single repository. This approach contrasts with having multiple repositories ...

It’s time for security teams to get serious about monitoring risks and vulnerabilities within development platforms. Whether an organization runs a number of open source tools or services, or if it ...

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...

A few years ago, GitHub introduced sponsorships that allowed anybody to make direct financial contributions to open source developers. Today, it is taking this concept a bit further by launching ...

The significant change to GitHub announced today by CEO Nat Friedman might be the first major change since Microsoft bought the company last year: free accounts can now create private repositories.