Geeky Gadgets

Why your private GitHub repos may not be as secure as you think

Private and deleted GitHub repositories are not as secure as users might assume. Data from deleted forks, deleted repositories, and private repositories can still be accessed, often indefinitely. This ...
TechCrunch

Thousands of exposed GitHub repositories, now private, can still be accessed through Copilot

Security researchers are warning that data exposed to the internet, even for a moment, can linger in online generative AI chatbots like Microsoft Copilot long after the data is made private. Thousands ...
Bleeping Computer

GitHub: How stolen OAuth tokens helped breach dozens of orgs

GitHub has shared a timeline of this month's security breach when a threat actor gained access to and stole private repositories belonging to dozens of organizations. The attacker used stolen OAuth ...
TechSpot

Chatbots are surfacing data from GitHub repositories that are set to private

Facepalm: Training new and improved AI models requires vast amounts of data, and bots are constantly scanning the internet in search of valuable information to feed the AI systems. However, this ...
Bleeping Computer

GitHub notifies owners of private repos stolen using OAuth tokens

GitHub says it notified all organizations believed to have had data stolen from their private repositories by attackers abusing compromised OAuth user tokens issued to Heroku and Travis-CI. "As of ...
TechRepublic

CamoLeak: GitHub Copilot Flaw Allowed Silent Data Theft

A GitHub Copilot Chat bug let attackers steal private code via prompt injection. Learn how CamoLeak worked and how to defend against AI risks. Image: przemekklos/Envato A critical vulnerability in ...