A recently released extension for Chrome, developed by the public key crypto database Keybase, brought end-to-end encrypted messaging to several apps this week.

Owners of Github repositories were the focus of a phishing campaign spreading the Dimnie information-stealing malware.

GitHub awarded $18,000 to a researcher after he came across a remote code execution bug in the company’s enterprise management console.

A proof of concept bypass of Google’s CAPTCHA verification system uses Google’s own web-based tools to pull off the skirting of the system.

Facebook’s Delegated Recovery delegates account-recovery permissions to third-party accounts controlled by the user. GitHub is the program’s first partner.

Open source and third-party software bugs haunt even the best developers’ projects, despite the industry’s best efforts to avoid them.

DNS providers Dyn suffered a DDoS attack this morning that affected many of its major customers including Twitter, Spotify, Github and others. Services have been restored as of 9:36 a.m. today.

Mike Mimoso and Chris Brook discuss the news of the week, including a password issue at Github, the xDedic marketplace, another Flash zero day, and how the poorly the FBI is doing with facial recognition software. Download: Threatpost_News_Wrap_June_17_2016.mp3 Music by Chris Gonsalves

Github is forcing a password reset on some of its users after it detected a number of successful intrusions into its repositories using credentials compromised in other breaches. “This appears to be the result of an attacker using lists of email addresses and passwords from other online services that have been compromised in the past,...

When it comes to cloud computing, APIs more or less drive everything, but in the eyes of some researchers, existing security controls around them haven’t kept pace. While individual components of a system can be secure, when that system gets deployed in the cloud it can often become insecure – and get worse at scale, according to Erik...