InfoWorld

GitHub Action Secrets aren’t secret anymore: exposed PATs now a direct path into cloud environments

Wiz has found threat actors exploiting GitHub tokens, giving them access to GitHub Action Secrets and, ultimately, cloud ...
TechRadar

Thousands of cloud credentials stolen from exposed Git config files

Hackers have stolen tens of thousands of cloud account credentials, by abusing exposed Git configuration files, experts have claimed. Git configuration files are where Git saves different preferences ...
Visual Studio Magazine

GitHub Ships Early December Copilot Updates Across Spaces, Visual Studio and Model Options

GitHub changelog posts detail new Copilot Spaces sharing features, a Visual Studio Copilot update, and public preview access ...
CSOonline

Cloud configuration drift leaves organizations open to attack, research finds

Many organizations are automating their cloud infrastructure deployments through code. This allows them to establish a secure configuration baseline early in their DevOps lifecycle, but the security ...
Business Wire

Pulumi Makes Cloud Configuration Simple and Secure with Pulumi ESC

SEATTLE--(BUSINESS WIRE)--Infrastructure as code leader Pulumi today announced Pulumi ESC, a new solution to manage Environments, Secrets, and Configurations for cloud infrastructure and applications.
The Hacker News

Unpatched Gogs Zero-Day Exploited Across 700+ Instances Amid Active Attacks

Unpatched Gogs flaw CVE-2025-8110 enables file overwrite and code execution, driving over 700 confirmed compromises.
TechCrunch

Cloud veterans launch ConfigHub to fix ‘configuration hell’

A trio of cloud industry leaders have launched a new company with the mission of modernizing software configuration data management. That event demonstrated that software is now critical ...