Git Development News | Latest Git News | Developer News

EMERALDWHALE exploits vulnerable Git configuration files

Ryan Daws — Fri, 01 Nov 2024 15:35:46 +0000

Sysdig’s Threat Research Team (TRT) has uncovered a global operation known as EMERALDWHALE, which has stolen over 15,000 cloud service credentials by exploiting exposed Git configuration files. EMERALDWHALE utilised multiple private tools to exploit several misconfigured web services, resulting in the theft of credentials from more than 10,000 private repositories. Though the operation’s primary targets... Read more »

The post EMERALDWHALE exploits vulnerable Git configuration files appeared first on Developer Tech News.

GitHub Copilot now supports multiple LLMs

Ryan Daws — Wed, 30 Oct 2024 17:33:52 +0000

GitHub is bringing more flexibility and choice to Copilot through the integration of multiple large language models (LLMs). Since its inception, GitHub Copilot has utilised different LLMs for varied uses. The journey began with the deployment of Codex, an early iteration of OpenAI’s GPT-3, that was fine-tuned specifically for coding tasks. The evolution continued with... Read more »

The post GitHub Copilot now supports multiple LLMs appeared first on Developer Tech News.

GitHub Copilot users gain access to Stack Overflow knowledge

Ryan Daws — Tue, 29 Oct 2024 16:10:02 +0000

Stack Overflow has launched an extension for GitHub Copilot that promises to improve how developers find solutions. The extension allows users to pose questions directly within the AI-driven coding assistant and receive summarised responses informed by Stack Overflow’s extensive knowledge base. GitHub and Stack Overflow’s partnership aims to aid developers in tackling their most challenging... Read more »

The post GitHub Copilot users gain access to Stack Overflow knowledge appeared first on Developer Tech News.

GitLab releases critical security patches amid vulnerability streak

Ryan Daws — Fri, 11 Oct 2024 13:30:48 +0000

GitLab has released a new round of critical security patches for its Community Edition (CE) and Enterprise Edition (EE) products. The company strongly recommends that all self-managed GitLab installations be upgraded immediately to one of the latest versions: 17.4.2, 17.3.5, or 17.2.9. These patch releases address several critical and high-severity vulnerabilities, including a critical flaw... Read more »

The post GitLab releases critical security patches amid vulnerability streak appeared first on Developer Tech News.

GitHub begins offering data residency to EU developers

Ryan Daws — Wed, 25 Sep 2024 15:48:22 +0000

GitHub has announced that it will introduce data residency capabilities, beginning with EU developers on 29 October 2024. The new data residency feature for Enterprise Cloud will allow organisations to store their GitHub code and repository data in their preferred geographical region. “We’ve heard for years from enterprises that being able to control where their... Read more »

The post GitHub begins offering data residency to EU developers appeared first on Developer Tech News.

GitHub Enterprise Server 3.13.3 tackles critical SAML vulnerability

Ryan Daws — Thu, 22 Aug 2024 12:26:30 +0000

GitHub has released Enterprise Server 3.13.3, addressing several security vulnerabilities, including a critical flaw affecting instances using SAML single sign-on. Alongside security patches, the update delivers bug fixes, minor feature enhancements, and changes to the platform. The most pressing issue tackled by this update is a critical vulnerability (CVE-2024-6800) impacting instances employing SAML SSO with... Read more »

The post GitHub Enterprise Server 3.13.3 tackles critical SAML vulnerability appeared first on Developer Tech News.

Unit 42 researchers uncover critical GitHub Actions vulnerability

Ryan Daws — Thu, 15 Aug 2024 11:03:55 +0000

A new attack vector that could compromise GitHub repositories has been uncovered by researchers at Palo Alto Networks’ Unit 42 team. The vulnerability, which exploits GitHub Actions artifacts generated during CI/CD workflows, could potentially grant high-level access to cloud environments. The researchers found that a combination of misconfigurations and security flaws can cause artifacts to... Read more »

The post Unit 42 researchers uncover critical GitHub Actions vulnerability appeared first on Developer Tech News.

GitHub’s Copilot Autofix triples vulnerability remediation speed

Ryan Daws — Wed, 14 Aug 2024 16:00:08 +0000

Shipping software quickly often comes at the cost of security, with vulnerabilities inadvertently making their way into production code. This poses a significant challenge, as many developers find security requirements complex and difficult to implement. “Developers are shipping software faster than previously imaginable, releasing new features early and often. Yet, despite their best efforts to... Read more »

The post GitHub’s Copilot Autofix triples vulnerability remediation speed appeared first on Developer Tech News.

GitLab update addresses pipeline execution vulnerability

Ryan Daws — Thu, 11 Jul 2024 13:05:35 +0000

GitLab has released critical security updates to address multiple vulnerabilities, including a high-severity flaw that could allow attackers to run pipeline jobs as arbitrary users. The company strongly recommends all GitLab installations be upgraded immediately to the latest versions: 17.1.2, 17.0.4, or 16.11.6 for both Community Edition (CE) and Enterprise Edition (EE). The most critical... Read more »

The post GitLab update addresses pipeline execution vulnerability appeared first on Developer Tech News.

Judge dismisses majority of GitHub Copilot copyright claims

Ryan Daws — Wed, 10 Jul 2024 13:12:57 +0000

A judge has dismissed the majority of claims in a copyright lawsuit filed by developers against GitHub, Microsoft, and OpenAI. The lawsuit was initiated by a group of developers in 2022 and originally made 22 claims against the companies, alleging copyright violations related to the AI-powered GitHub Copilot coding assistant. Judge Jon Tigar’s ruling, unsealed... Read more »

The post Judge dismisses majority of GitHub Copilot copyright claims appeared first on Developer Tech News.