Attack of the Clones: Getting RCE in Chrome’s Renderer With Duplicate Object Properties

In this post, I’ll exploit CVE-2024-3833, an object corruption bug in v8, the JavaScript engine of Chrome, that I reported in March 2024 as bug 331383939. A similar bug, 331358160, was also report...

Posted in Blogs

Beginner’s Guide to GitHub Repositories: How to Create Your First Repo

Welcome back to GitHub for Beginners, a series designed to help you navigate GitHub with ease. Our last post covered the top Git commands every developer should know. Today, we’re diving right i...

Posted in Blogs

Execute Commands by Sending JSON? Learn How Unsafe Deserialization Vulnerabilities Work in Ruby Projects

Can an attacker execute arbitrary commands on a remote server just by sending JSON? Yes, if the running code contains unsafe deserialization vulnerabilities. But how is that possible? In this blog...

Posted in Blogs

GitHub Enterprise Server 3.13 Is Now Generally Available

GitHub Enterprise Server 3.13 is now generally available. It includes many new features for developers, enterprise admins, and operators. All of this is to help your organization build better, m...

Posted in Blogs

Unlocking the Power of Unstructured Data With RAG

Whether they’re building a new product or improving a process or feature, developers and IT leaders need data and insights to make informed decisions. When it comes to software development, this...

Posted in Blogs

GitHub Availability Report: May 2024

In May, we experienced one incident that resulted in significant degraded performance across GitHub services. May 21 11:40 UTC (lasting 7 hours 26 minutes) On May 21, various GitHub services exper...

Posted in Blogs

Leveraging Technology on the Frontlines of Emergency: How Communities of Developers Are Taking Action

Coming from the humanitarian sector, I’ve seen firsthand how organizations are leveraging tech in innovative ways to solve global problems. At GitHub, the more I learn from these organizations, ...

Posted in Blogs

10 Years of the GitHub Security Bug Bounty Program

Each year, we celebrate the GitHub Security Bug Bounty program, highlighting impressive bugs and researchers, rewards, live hacking events, and more. This year, we celebrate a new milestone: 10 ...

Posted in Blogs

How We Improved Push Processing on GitHub

What happens when you push to GitHub? The answer, “My repository gets my changes” or maybe, “The refs on my remote get updated” is pretty much right—and that is a really important thing that happe...

Posted in Blogs

Top 12 Git Commands Every Developer Must Know

Welcome to GitHub for Beginners, our series to help newcomers like you learn the basics of everything from repositories to pull requests and more. (Don’t know what those are yet? That’s okay, it...

Posted in Blogs