Rotating credentials for GitHub.com and new GHES patches | allinfosecnews.com

Jan. 16, 2024, 8:04 p.m. | Jacob DePriest

The GitHub Blog: Security News and Updates github.blog

GitHub received a bug bounty report of a vulnerability that allowed access to the environment variables of a production container. We have patched GitHub.com and rotated all affected credentials. If you have hardcoded or cached a public key owned by GitHub, read on to ensure your systems continue working with the new keys.

The post Rotating credentials for GitHub.com and new GHES patches appeared first on The GitHub Blog.

access bounty bug bug bounty container continue credentials environment github github.com github enterprise server hardcoded key patches production public public key report security systems vulnerability working

More from github.blog / The GitHub Blog: Security News and Updates

How AI enhances static application security testing (SAST) 1 month ago | github.blog

ai insights application application security application security testing +18

Introducing Artifact Attestations–now in public beta 1 month, 1 week ago | github.blog

actions artifact beta blog +7

Where does your software (really) come from? 1 month, 1 week ago | github.blog

blog capabilities community github +11

CodeQL zero to hero part 3: Security research with CodeQL 1 month, 1 week ago | github.blog

blog codeql github github security lab +6

Securing millions of developers through 2FA 1 month, 2 weeks ago | github.blog

2fa adoption developers ecosystem +9

Security research without ever leaving GitHub: From code scanning to CVE via Codespaces and private … 2 months ago | github.blog

blog blog post code codeql +16

Gaining kernel code execution on an MTE-enabled Pixel 8 2 months, 3 weeks ago | github.blog

android app arm arm mali +22

Keeping secrets out of public repositories 3 months, 1 week ago | github.blog

blog default developers github +10

How to stay safe from repo-jacking 3 months, 2 weeks ago | github.blog

attack blog blog post can +10

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Senior Security Researcher - Linux MacOS EDR (Cortex)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel

View on infosec-jobs.com

Sr. Manager, NetSec GTM Programs

@ Palo Alto Networks | Santa Clara, CA, United States

View on infosec-jobs.com

SOC Analyst I

@ Fortress Security Risk Management | Cleveland, OH, United States

View on infosec-jobs.com