The Hacker News

Unpatched Gogs Zero-Day Exploited Across 700+ Instances Amid Active Attacks

Unpatched Gogs flaw CVE-2025-8110 enables file overwrite and code execution, driving over 700 confirmed compromises.
GitHub

Slack Secret Scanning notifier (Azure Function/GitHub App)

It is implemented as an Azure Function, and installed as a GitHub App. It uses a Slack incoming webhook. It needs you to deploy the function on Azure, and to create a GitHub App and install it on an ...
Security Boulevard

Shai-Hulud 2.0: over 14,000 secrets exposed

On November 24, a new wave of the Shai-Hulud supply chain attack emerged. The threat actors exfiltrate stolen credentials directly to GitHub repositories created with compromised tokens. GitGuardian ...
GitHub

webhook-testing

Test repository for triggering GitHub webhook events (push, pull request, merge). Works with webhook-repo to demonstrate real-time GitHub integration.