GitHub backs down, kills Copilot pull-request ads after backlash

Following backlash from developers, GitHub has removed Copilot's ability to stick ads - what it calls "tips" - into any pull request that invokes its name.  Australian developer Zach Manson noted on ...
Security Boulevard

GitHub Actions Supply Chain Attack: Trivy Breach & Workflow

Breakdown of the Trivy GitHub Actions attack, including workflow misconfigurations, token theft, and supply chain exposure.

Copilot is now injecting ads into GitHub pull requests. It's a disaster.

A developer caught Copilot adding promotional "tips" to code descriptions, highlighting a messy new era of AI slop.

Claude Code leak used to push infostealer malware on GitHub

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar ...
InfoQ

GitHub Copilot CLI Reaches General Availability

GitHub has launched Copilot CLI into general availability, bringing generative AI directly to the terminal. Integrated with ...
Windows Report

Axios Hack Bypasses GitHub Protections and Installs Hidden Malware on Systems

The popular JavaScript HTTP client Axios has been compromised in a supply chain attack, exposing projects to malware through malicious npm releases. Security researchers from StepSecurity identified ...

Anthropic took down thousands of GitHub repos trying to yank its leaked source code — a move the company says was an accident

Anthropic executives said it was an accident and retracted the bulk of the takedown notices.

Anthropic says its leak-focused DMCA effort unintentionally hit legit GitHub forks

“The repo named in the notice was part of a fork network connected to our own public Claude Code repo, so the takedown ...

'This is horrific': GitHub kills Copilot pull-request ads after user backlash

Developers were (understandably) furious with Copilot and other ads appearing in their pull requests – now GitHub has reversed its decision.