reader comments 16 with 0 posters participating Share this story GitHub said unknown intruders gained unauthorized access to some of its code repositories and stole code-signing certificates for two of its desktop applications: Desktop and Atom. Code-signing certificates place a cryptographic stamp on code to verify it was developed by the listed organization, which in… Read More »
Getty Images reader comments 26 with 0 posters participating Share this story Single sign-on provider Okta said on Wednesday that software code for its Okta Workforce Identity Cloud service was copied after intruders gained access to the company’s private repository on GitHub. “Our investigation concluded that there was no unauthorized access to the Okta service,… Read More »
Enlarge / Replit’s Ghostwriter AI tool can assist you while you code. reader comments 15 with 11 posters participating Share this story Today, Replit announced Ghostwriter, an AI-powered programming assistant that can make suggestions to make coding easier. It works within Replit’s online development environment and resembles GitHub Copilot’s ability to recognize and compose code… Read More »
Enlarge / Brian Kernighan speaking at a tribute to his Bell Labs coworker and The C Programming Language co-author Dennis Ritchie in 2012. Ritchie’s visage in dominoes is behind Kernighan. reader comments 57 with 39 posters participating Share this story A Princeton professor, finding a little time for himself in the summer academic lull, emailed… Read More »
Enlarge / Supply-chain attacks, like the latest PyPi discovery, insert malicious code into seemingly functional software packages used by developers. They’re becoming increasingly common. (credit: Getty Images) Researchers have discovered yet another set of malicious packages in PyPi, the official and most popular repository for Python programs and code libraries. Those duped by the seemingly familiar… Read More »
reader comments 37 with 25 posters participating, including story author Share this story SushiSwap’s chief technology officer says the company’s MISO platform has been hit by a software supply chain attack. SushiSwap is a community-driven decentralized finance (DeFi) platform that lets users swap, earn, lend, borrow, and leverage cryptocurrency assets all from one place. Launched earlier this year,… Read More »
Getty Images reader comments 38 with 32 posters participating Share this story A security flaw in Travis CI potentially exposed the secrets of thousands of open source projects that rely on the hosted continuous integration service. Travis CI is a software-testing solution used by over 900,000 open source projects and 600,000 users. A vulnerability in… Read More »
Enlarge (credit: BeeBright / Getty Images / iStockphoto) A hacker compromised the server used to distribute the PHP programming language and added a backdoor to source code that would have made websites vulnerable to complete takeover, members of the open source project said. Two updates pushed to the PHP Git server over the weekend added… Read More »