GitHub

Researchers claim to have found 40 API keys belonging to a unnamed AI company inside a deleted fork on Github

"That’s definitely the hottest topic right now in tech for us across the bank,”

"You have to be intentional about designing for real people who are not security experts."

"We operate with the assumption that a sophisticated nation state threat actor is always active inside the organisation"

“Our model targets the most common vulnerable coding patterns, including hardcoded credentials, SQL injections, and path injections" says "refounded" company.

Complaint alleges "GitHub Copilot “ignores, violates, and removes" licenses...

"No-one has the time or sanity to audit every thing every build process pulls in."