English
English Indonesia Türkçe Deutsch Español Português Pусский Français Italiano Nederlands Polski العربية ไทย Tiếng Việt 繁體中文 简体中文 日本語 한국어
GHSecurityLab's profile picture. GitHub Security Lab’s mission is to inspire and enable the community to secure the open source software we all depend on.

GitHub Security Lab

@GHSecurityLab

GitHub Security Lab’s mission is to inspire and enable the community to secure the open source software we all depend on.

1KPosts 26KFollowers 15Following
You might like
Pinned
GHSecurityLab's profile picture.
GitHub Security Lab
@GHSecurityLab
Feb 14

Find the GitHub Security Lab now on LinkedIn, Mastodon and Bluesky! 👇

7
5
8
3
3K
GitHub Security Lab reposted
artsploit's profile picture.
Michael Stepankin
 @artsploit
Jan 22

Last year, I committed to uncovering critical vulnerabilities in Maven repositories. Now it’s time to share the findings: RCE in Sonatype Nexus, Cache Poisoning in JFrog Artifactory, and more! Read it all below 🧵

artsploit's tweet image. Last year, I committed to uncovering critical vulnerabilities in Maven repositories. Now it’s time to share the findings: RCE in Sonatype Nexus, Cache Poisoning in JFrog Artifactory, and more! Read it all below 🧵
8
84
302
157
29K
GHSecurityLab's profile picture.
GitHub Security Lab
@GHSecurityLab
Jan 9

How to secure your GitHub Actions workflows with CodeQL. Dive into this actionable supply chain security research from @pwntester . This work resulted in dozens of high impact supply chain findings and, most importantly, added CodeQL support for your GitHub workflows!…

GHSecurityLab's tweet image. How to secure your GitHub Actions workflows with CodeQL. Dive into this actionable supply chain security research from @pwntester . This work resulted in dozens of high impact supply chain findings and, most importantly, added CodeQL support for your GitHub workflows!…
6
15
54
12
6K
GitHub Security Lab reposted
bliutech's profile picture.
Benson Liu
 @bliutech
Dec 30

Ever wanted to learn fuzzing?!?! 🐛 Me and some other folks at @pbrucla recently ran a project where we taught folks about the basics of fuzzing with Honggfuzz. 👀 Some fun activities inspired by the Fuzzing101 repo from the folks at @GHSecurityLab! 🤗 github.com/pbrucla/fuzzin…

bliutech's tweet card. 🐛 UCLA ACM Cyber's Fuzzing Lab. Contribute to pbrucla/fuzzing-lab development by creating an account on GitHub.
GitHub - pbrucla/fuzzing-lab: 🐛 UCLA ACM Cyber's Fuzzing Lab
Source: github.com
3
54
246
184
13K
GHSecurityLab's profile picture.
GitHub Security Lab
@GHSecurityLab
Dec 23

🎉 Excited to announce the launch of CodeQL Community Packs for Security teams and researchers! 🚀 Supercharge your code analysis with new Query, Model, and Library packs, to find more vulnerabilities, accelerate codebases audit, and secure code effortlessly.…

1
12
38
15
5K
GHSecurityLab's profile picture.
GitHub Security Lab
@GHSecurityLab
Dec 19

GHSL-2024-075_GHSL-2024-076: Stored Cross-Site Scripting (XSS) and Remote Code Execution (RCE) via Velocity Template Evaluation in Sonatype Nexus 2 securitylab.github.com/advisories/GHS…

GHSecurityLab's tweet card. Sonatype Nexus 2 is affected by multiple high severity vulnerabilities, including Stored Cross-Site Scripting (XSS) and Remote Code Execution (RCE) via Velocity Template Evaluation.
GHSL-2024-075_GHSL-2024-076: Stored Cross-Site Scripting (XSS) and Remote Code Execution (RCE) via...
Source: securitylab.github.com
0
1
11
2
1K
GHSecurityLab's profile picture.
GitHub Security Lab
@GHSecurityLab
Dec 19

GHSL-2024-072_GHSL-2024-074: Stored Cross-Site Scripting (XSS), Arbitrary File Upload, and Arbitrary File Read/Write via Path Traversal in Reposilite - CVE-2024-36115, CVE-2024-36116, CVE-2024-36117 securitylab.github.com/advisories/GHS…

GHSecurityLab's tweet card. Reposilite is affected by multiple high severity vulnerabilities, including Stored Cross-Site Scripting (XSS) allowing unauthenticated users to steal the victim’s password from the browser’s local...
GHSL-2024-072_GHSL-2024-074: Stored Cross-Site Scripting (XSS), Arbitrary File Upload, and Arbitr...
Source: securitylab.github.com
0
1
4
0
835
GitHub Security Lab reposted
github's profile picture.
GitHub
@github
Dec 18

A new free tier of GitHub Copilot in @code. ✅ 2,000 code completions per month 💬 50 chat messages per month 💫 Models like Claude 3.5 Sonnet or GPT-4o ♥️ More fun for you Check it out today! Oh yeah, and we passed 150M developers on GitHub 💅 github.blog/news-insights/…

github's tweet card. Come and join 150M developers on GitHub that can now code with Copilot for free in VS Code.
Announcing 150M developers and a new free tier for GitHub Copilot in VS Code
Source: github.blog
110
632
3K
412
3.1M
GHSecurityLab's profile picture.
GitHub Security Lab
@GHSecurityLab
Dec 18

🎉 You can now enable code scanning in your GitHub Actions workflow files! ✅ By opting-in to this feature, you can enhance the security of repositories using GitHub Actions. github.blog/changelog/2024…

GHSecurityLab's tweet card. You can now enable code scanning in your GitHub Actions workflow files. By opting-in to this feature, you can enhance the security of repositories using GitHub Actions. Actions analysis support…
Find and fix Actions workflows vulnerabilities with CodeQL (Public Preview) - GitHub Changelog
Source: github.blog
0
7
18
1
5K
LiveOverflow's profile picture. wannabe hacker... he/him 🌱 grow your hacking skills @hextreeio

LiveOverflow 🔴

@LiveOverflow
0xor0ne's profile picture. | CyberSecurity | Reverse Engineering | C and Rust | Exploit | Linux kernel | PhD | My Tweets, My Opinions :) |

0xor0ne

@0xor0ne
PwnFunction's profile picture. alt @matmul

Suraj

@PwnFunction
testanull's profile picture. Kẻ soi mói, Re-searcher @dfsec_com

Janggggg

@testanull
clintgibler's profile picture. 🗡️ Head of Security Research @semgrep 📚 Creator of https://t.co/xwtIAI0CuJ newsletter

Clint Gibler

@clintgibler
gregxsunday's profile picture. Grzegorz Niedziela - a hacker who documents his hacking journey by creating and curating the best content about bug bounty and offensive security.

Bug Bounty Reports Explained

@gregxsunday
steventseeley's profile picture. Artist disguised as a logician. Pwn2Own Winner. Spiritual Alchemy. Divine Science.

ϻг_ϻε

@steventseeley
harshbothra_'s profile picture. Freelance Pentester & Consultant • Cobalt Core Lead & Pentester • Author • Speaker • Blogger • SecurityExplained • Project Bheem • Learn365 • Views are personal

Harsh Bothra

@harshbothra_
snyff's profile picture. Founder/CEO/Trainer/Researcher/CVE archeologist @PentesterLab. Security engineer. Bugs are my own, not of my employer...

Louis Nyffenegger

@snyff
momika233's profile picture. Anda boleh melakukan segala-galanya dari syurga ke bumi, wanita kecil!! If you have any questions, please contact me https://t.co/MkzsavUU9V

张惠倩

@momika233
CrazymanArmy's profile picture. CTFer / APT hunter / RedTeam / BlueTeam the member of @r3kapig the leader of @ShadowChasing1 CVE-2022-30190 find job opportunities opinions are own not group

crazyman_army

@CrazymanArmy
haxor31337's profile picture. 29 y/o Bug Bounty Hunter and Red Teamer at Viettel Cyber Security. Brand Ambassador @Hacker0x01 - Researcher Spotlight @Bugcrowd

Tuan Anh Nguyen⚡️ 🇻🇳

@haxor31337
alexjplaskett's profile picture. Security Researcher | Pwn2Own 2018, 2021, 2022, 2024 | Posts about 0day, OS, mobile and embedded security.

Alex Plaskett

@alexjplaskett
5aelo's profile picture. Working on Project Zero, Big Sleep, and V8 Security. Personal account. Also @saelo@chaos.social and https://t.co/aVitnPjBie

Samuel Groß

@5aelo
ky1ebot's profile picture. CTF player @Shellphish | PhD Student @ASU | @angrdothorse dev | Author of how2heap | Vulnerability Research Hobbyist | @kylebot@infosec.exchange

kylebot

@ky1ebot
_jsoo_'s profile picture. Founder https://t.co/dU7gVAkwY9

Jacob Soo

@_jsoo_
spaceraccoonsec's profile picture. Here to learn! Infosec@Open Government Products | White Hat && SecOps

spaceraccoon | Eugene Lim

@spaceraccoonsec
maddiestone's profile picture. Security Researcher. Previously Google Project Zero and TAG | 0days all day. Love all things bytes, assembly, and glitter. she/her.

Maddie Stone

@maddiestone
pyn3rd's profile picture. Security Researcher&Red Team&Cloud Security. BlackHat&HITB&CanSecWest Speaker.

pyn3rd

@pyn3rd
Agarri_FR's profile picture. Web hacker and Burp Suite Pro trainer Refer to https://t.co/D5tRH7U2hg for trainings Follow @MasteringBurp for free tips and tricks

Nicolas Grégoire

@Agarri_FR
ajrgd's profile picture. ceo @epiapp • the scam expert & qr code guy ending fraud • 4k qr/m • sec, trust, web, apps, js, uiux, ai, net intel, sandboxing • check link → https://t.co/issNAWFdiY

Alex Greenland

@ajrgd
Mike1775337's profile picture. I hope you have fun

Mike

@Mike1775337
nx_2io's profile picture. Full-stack Developer

Dev. Abdullah

@nx_2io
Dani_2472's profile picture.

Dani

@Dani_2472
arxiv_news's profile picture. GitHub: https://t.co/fD5TF7GoNX Web: https://t.co/eycqWo8wgZ

arXiv-news

@arxiv_news
hadebesoft's profile picture. HadebeSoft Systems Corporation is a South African software developing company .

HADEBESOFT SYSTEMS CORPORATION

@hadebesoft
infosprof's profile picture. واهم من يعتقد ان الامبراطورية المغربية قائمة على فرد او مجموعة من الأفراد انها قائمة على شعار : الله الوطن الملك

🇲🇦خالص 🇲🇦 مغربي 🇲🇦

@infosprof
Knull1099's profile picture.

Knull

@Knull1099
Autodidac178306's profile picture.

Autodidac

@Autodidac178306
PhoenixSakar's profile picture.

Golga Sakar

@PhoenixSakar
ashrafzaryouh's profile picture. @Oracle Cloud Infrastructure CloudOps Security Professional ☁️

Ashraf Zaryouh

@ashrafzaryouh
its_Yeager0100's profile picture.

Eren Yeager

@its_Yeager0100
x13027181990's profile picture.

Xu

@x13027181990
Rogj257385's profile picture.

Rogj

@Rogj257385
johnwilsontmz's profile picture.

john wilson

@johnwilsontmz
CodeBingoHQ's profile picture. Code Bingo – Every Line is a Win. 🎮 Turning code into fun! | 💻 Coding tips, snippets & challenges | 🚀 Learn, play & grow with Code Bingo.

Code Bingo

@CodeBingoHQ
Jason_Bin_Yah's profile picture.

JayBinYah

@Jason_Bin_Yah
Mer30ifulKing's profile picture.

Merciful King

@Mer30ifulKing
Kerryandqianyi's profile picture. 05 176 60 entp Chengdu bleach 纯爱 哲学 欢迎找我辩论或聊天 V:sin2027

茶 匙

@Kerryandqianyi
Bansi1509Jatin's profile picture. Nothing special

Jatin Bans

@Bansi1509Jatin
CervantesGarces's profile picture. Economist || DeFi&Tokenomics | Digital MKT | Innovation | Project Management Collaborator @OmdenaAI https://t.co/A5N17kitHh SMC ~CTAN GCS @economistacel https://t.co/CUlfsWvnj3

Deisy R Cervantes Garces

@CervantesGarces
soldevstev's profile picture. Learn, create, design and develop and grow

Stephen Solomon

@soldevstev
stevegowan75's profile picture.

Steve

@stevegowan75
ChaDe46553's profile picture. https://t.co/3DMptTxuia

เดวิทย์ ชาติชํานาญ

@ChaDe46553
foxlhl's profile picture.

Ben

@foxlhl
k_kimochi's profile picture.

hyperr💦

@k_kimochi
imh5270's profile picture.

Ismail Mohd Hashim

@imh5270
fellow_Earthian's profile picture. 🌏🌎🌍💫✨

Earthian

@fellow_Earthian
KamsiEze1's profile picture. I'm Gemini dats all there is to know

Kamsi Eze

@KamsiEze1
norbexgang's profile picture. A Hungarian man interested in politics, news, games and sport. Former streamer on TikTok as Norbex/Norbexgang. Whatever the future holds.

Norbert Cserpnyák

@norbexgang
Ievuivuis71048's profile picture.

Ievuivuis

@Ievuivuis71048
iDeveloperH's profile picture. Developer

Developer

@iDeveloperH
FaridiyatulU's profile picture.

faridiyatul ulfah

@FaridiyatulU
paravek_surawut's profile picture.

Surawut Paravek

@paravek_surawut
emirmrg's profile picture. 🗽

Emir Morgan

@emirmrg
Jeyso215's profile picture. 👊Privacy Guardian | 🌍 Cyber Freedom Advocate | 🇺🇸 🚫📵Anti-Surveillance | 💪Empowering Data Sovereignty

MAGA 🇺🇲

@Jeyso215
0xb1n4ry's profile picture. Low level dev/researcher | RE & offensive security

0xb1n4ry

@0xb1n4ry
Brian2Twenty's profile picture. Software Engineer III | Web & API Developer

Brian R

@Brian2Twenty
DarkBourbonX's profile picture.

Dark Bourbon

@DarkBourbonX
RafaelSergioC's profile picture.

Rafael Sergio

@RafaelSergioC
SalasJimenezSa1's profile picture.

DrManhattan

@SalasJimenezSa1
shahariyaict's profile picture. "KASBA Digital Center and Photostart" appears to be a digital service hub located in Kasba, designed to support agents in providing various administration

Noore Alam Shahariya

@shahariyaict
AlphaScout0x's profile picture. 💰 Early on testnets, airdrops & hidden gems. Sharing real opportunities before the crowd. Follow for upcoming testnets & alpha drops. #Crypto #Airdrop

Alpha Scout

@AlphaScout0x
JAHVARIE_JONES's profile picture. | Aluxer | Algo Prop Trader & PAMM Manager | Investor |BSc in Dental Hygiene| Cybersecurity Analyst | Crypto & E.D.C enthusiast💯|

JAHVARIE1

@JAHVARIE_JONES
rainey__mkl's profile picture. Put God first🏆…Founder of @TheRealUniverse Crypto Enthusiat,Finance 📊 Tech Lover 💻,Method🆙, Quality system , Food industry ♻️,Economic Development

Michael BISSIE

@rainey__mkl
sridharc20's profile picture. Senior Technical Specialist

SRIDHAR C

@sridharc20
ezzeldinCoderAI's profile picture.

Ezzeldin Mo

@ezzeldinCoderAI
FilypePereira's profile picture.

filype

@FilypePereira
jyotissraut's profile picture. lamb to the cosmic slaughter!!!

drjoe

@jyotissraut
_gear_head_03_'s profile picture. Founder & CEO @ Indie Hub | Sr. Principal SWE @ Devnovate | Full‑stack AI | Community lead (HackWithIndia, theDevArmy) | Open‑source |📍Shimla | 📍Chandigarh

Mantej Singh 🫧

@_gear_head_03_

United States Trends

You might like

Something went wrong.


Something went wrong.