New GitHub Zero-Day Exposed Developer Tokens to Attackers

A github.dev flaw could let attackers steal GitHub OAuth tokens through a one-click attack, exposing private repositories and ...

GitHub says hackers stole data from thousands of internal repositories

The code hosting giant GitHub said it was investigating a breach but said there was no evidence of customer data theft.
The Next Web

Self-replicating Miasma worm hits 73 Microsoft GitHub repositories in supply chain attack

GitHub disabled 73 Microsoft repos after the Miasma worm exploited previously compromised credentials to plant malware targeting AI coding agents.

GitHub Says 3,800 Repositories Breached—TeamPCP Hackers Demand $50,000

A GitHub employee has unwittingly allowed 3,800 internal repositories to be breached after a device compromise with a poisoned VS Code extension.