techtimes

GitHub's RSA SSH Private Key Leaks! Was It a Breach?

GitHub's RSA SSH private key was accidentally leaked to the public, as confirmed by the code hosting platform's CEO, Mike Hanley. An engineer from the Israeli company "Commun.it" uses his expertise in ...
Bleeping Computer

GitHub.com rotates its exposed private SSH key

GitHub has rotated its private SSH key for GitHub.com after the secret was was accidentally published in a public GitHub repository. The software development and version control service says, the ...
PC World

Users with weak SSH keys had access to GitHub repositories for popular projects

A number of high-profile source-code repositories hosted on GitHub could have been modified using weak SSH authentication keys, a security researcher has warned. The potentially vulnerable ...
ZDNet

GitHub shifts away from passwords with security key support for SSH Git operations

When you add a security key to SSH operations, you can use these devices to protect you and your account from accidental exposure, account hijacking, or malware, GitHub security engineer Kevin Jones ...
Infosecurity-magazine.com

Malicious npm Packages Used to Target GitHub Developer SSH Keys

Security researchers have uncovered two new malicious packages on the npm open source package manager that utilized GitHub to store stolen Base64-encrypted SSH keys taken from developer systems. These ...
Bleeping Computer

GitHub now supports security keys when using Git over SSH

GitHub has added support for securing SSH Git operations using FIDO2 security keys for added protection from account takeover attempts. Researchers at North Carolina State University (NCSU) found [PDF ...