CSOonline

Most popular generative AI projects on GitHub are the least secure

Researchers use the OpenSSF Scorecard to measure the security of the 50 most popular generative AI large language model projects on GitHub. Researchers from software supply chain security firm ...
Bleeping Computer

GitHub Actions artifacts found leaking auth tokens in popular projects

Multiple high-profile open-source projects, including those from Google, Microsoft, AWS, and Red Hat, were found to leak GitHub authentication tokens through GitHub Actions artifacts in CI/CD ...