Software and code repositories are a great resource for web and software developers – they save time and their clients' money, and provide quality modules for their projects. GitHub is one of the most popular – many major software players use it to develop their code, and other developers, large and small, around the world control and distribute code through it.
Now GitHub has introduced a private method for reporting cyber security issues in its battle with the threat actors:
Flaws in public GitHub repos can now be reported privately • The Register
The aim is not to sweep issues under the carpet, but to allow them to be dealt with in a managed manner by the coders impacted by the attacks – which in the long run will be better for all their clients.
Clive Catton MSc (Cyber Security) – by-line and other articles
Further Reading
GitHub supply chain issues at Smart Thinking Solutions