NewsHacker Exploits a Vulnerability on GitHub

Hacker Exploits a Vulnerability on GitHub content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

Developer Egor Homakov hacked into GitHub over the weekend, demonstrating that the repository  could be breached through a mass-assignment vulnerability in Rails. Although Homakov only posted an amusing commit, hackers with more nefarious plans in mind could have exploited the security hole to delete or alter the code or history of projects stored in GitHub. GitHub currently hosts more than 2.3 million repositories, including the source code for the Linux kernel, Ruby on Rails, jQuery, Node.js, Reddit, and many others.

In response to the hack, GitHub has apologized for making it difficult to report security bugs and has taken steps to make it easier for other white hats to report problems.

View article

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends & analysis

Latest Posts

Related Stories