The Register on MSN

GitHub moves to tighten npm security amid phishing, malware plague

Hundreds of compromised packages pulled as registry shifts to 2FA and trusted publishing GitHub, which owns the npm registry ...
Cyber Daily

GitHub to address npm supply chain as CISA warns of spreading Shai-Hulud worm

Popular code repository GitHub is taking action against hackers targeting popular JavaScript code packages to spread malware.

After major npm attack: Github tightens security measures

GitHub has unveiled a comprehensive plan to improve npm (Node Package Manager) security. The measures are a direct response to the major npm attack in mid-September, in which self-replicating malware ...
Network World

GitHub blocked in China, ‘ticket snatching’ plugins seen as possible cause

China’s censors have started blocking access to software collaboration site GitHub, and Internet observers are speculating the government’s efforts to regulate the nation’s online train ticketing ...