Millions of Repos on GitHub Are Potentially Vulnerable to Hijacking
Many organizations are unwittingly exposing users of their code repositories to repojacking when renaming projects, a new study shows.
Studies provide evidence on cyber threats, vulnerabilities, defensive controls, and user behavior, helping assess security risks and protections.
Search across headline titles and summaries.
Background for this topic.
Study in this tag covers systematic research, measurement, evaluation, or analysis of information-security technologies, threats, and practices. It may include experiments on attack techniques, assessments of defensive controls, surveys of security behavior, analysis of incidents, or research into vulnerabilities and privacy risks. The relevant question is usually what evidence the work provides, how broadly its findings apply, and whether its methods support reproducible conclusions.
For practitioners, studies can reveal exploitable conditions, estimate how often a weakness occurs, or test whether a control detects and contains attacks under realistic conditions. Interpret results cautiously when samples are small, environments are artificial, or a claimed vulnerability has not been independently validated. Research involving telemetry, users, or personal data also raises privacy and ethical requirements. Useful findings should translate into specific actions, such as prioritizing vulnerability remediation, changing configurations, improving detection logic, or revising secure-development and risk-assessment practices.
Many organizations are unwittingly exposing users of their code repositories to repojacking when renaming projects, a new study shows.
Nationwide Building Society is setting up a new team tasked with monitoring and managing its attack surface
Millions of software repositories on GitHub are likely vulnerable to an attack called RepoJacking, a new study has revealed