PC World

Users with weak SSH keys had access to GitHub repositories for popular projects

A number of high-profile source-code repositories hosted on GitHub could have been modified using weak SSH authentication keys, a security researcher has warned. The potentially vulnerable ...
Bleeping Computer

GitHub revokes duplicate SSH auth keys linked to library bug

GitHub has revoked weak SSH authentication keys generated using a library that incorrectly created duplicate RSA keypairs. GitHub allows you to authenticate to their service without a user name and ...
Dark Reading

GitHub's Private RSA SSH Key Mistakenly Exposed in Public Repository

GitHub, a Microsoft subsidiary has replaced its SSH keys after someone inadvertently published its private RSA SSH host key part of the encryption scheme in an open GitHub repository. While some may ...
Techno-Science.net

3 Ways to Generate SSH Keys on Windows

If you do your work via cloud computing, accessing remote servers that are not on your current or home network, you are probably already familiar with SSH or Secure Shell Keys. Because SSH keys are ...
Bleeping Computer

GitHub now supports security keys when using Git over SSH

GitHub has added support for securing SSH Git operations using FIDO2 security keys for added protection from account takeover attempts. Researchers at North Carolina State University (NCSU) found [PDF ...
HotHardware

Github Users Inadvertently Expose Own SSH Keys After New Search Feature Launch

On Wednesday, GitHub expanded and improved its search feature to make it easier to locate code stashed on the site by live-indexing newly uploaded code. In theory, it sounds like a nice improvement on ...
Infosecurity-magazine.com

Malicious npm Packages Used to Target GitHub Developer SSH Keys

Security researchers have uncovered two new malicious packages on the npm open source package manager that utilized GitHub to store stolen Base64-encrypted SSH keys taken from developer systems. These ...