The Hacker News

Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push

CVE-2026-3854 (CVSS 8.7) enabled GitHub RCE via git push, risking cross-tenant access to millions of repositories.
ZDNet

Git repository vulnerability leads to remote code execution attacks

A severe vulnerability has been patched in Git software source code to prevent remote code execution attacks being launched at users. The bug, which is industry-wide, was disclosed on Tuesday. Git, ...
TechRepublic

How to add a GitHub repository to VS Code

Learn how to add a GitHub repository to VS Code as well as how to install a handy extension to manage pull requests and issues. Virtual Studio Code, also known as VS Code, is one of the most popular ...
Bleeping Computer

Malicious Git Repository Can Lead to Code Execution on Remote Systems

The developers behind Git and various companies providing Git repository hosting services have pushed out a fix to patch a dangerous vulnerability in the Git source code versioning software. The fix ...
CSO Online

Critical Cursor bug could turn routine Git into RCE

A flaw in Cursor’s AI agent lets malicious repositories trigger arbitrary code execution through routine Git operations, now ...

GitHub patches critical 'git push' remote code execution bug

Microsoft-owned open source code hosting platform GitHub has acknowledged and patched a critical vulnerability that allowed ...
TheServerSide

Want a private GitHub repository? It comes with a catch

Until now, the most compelling reason to opt into the GitHub Pro paid product was because it enabled you to create a private repository. Developers could use GitHub's free offering -- with a ...
Bleeping Computer

Slack's private GitHub code repositories stolen over holidays

Slack suffered a security incident over the holidays affecting some of its private GitHub code repositories. The immensely popular Salesforce-owned IM app is used by an estimated 18 million users at ...