GitHub allows developers to silently notify others of discovered vulnerabilities. The company says this will avoid the name-and-shame game and prevent exploitation that may result from public disclosure.

In a blog post earlier this week, GitHub said that given the way the platform is currently set up, sometimes there is no option but to disclose the vulnerability publicly – and before malware removal software can be deployed – alerting potential cybercriminals.
