Hidden Secrets in GitHub's Deleted Commits: A $25k Bug Bounty Story

2025-07-03

White-hat hacker Sharon Brizinov used the GitHub Archive and the GitHub Events API to show that GitHub retains deleted commits, including those removed by a force push. By scanning every force push event recorded since 2020, he found leaked secrets that earned $25,000 in bug bounties. He then partnered with Truffle Security to open-source Force Push Scanner, a tool that lets organizations scan their own GitHub repositories for hidden commits and leaked secrets. The lesson is that a commit which looks deleted can still expose what it contained, so a secret that was committed and later force-pushed away should still be treated as exposed.
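An added illustration of the defender's side of this story (example code written for this summary, not the Force Push Scanner tool itself): it reads GH Archive-style PushEvent records and lists, per repository of one organization, which force pushes orphaned a commit. The sample events and SHAs are constructed, and the force-push heuristic (a push that moved a ref but carried zero commits) is an assumption stated in the code, not something the article specifies.

```python
import json
from collections import defaultdict

# Constructed sample of GH Archive-style PushEvent records, one JSON object per
# line. Field names follow the public GH Archive schema; repo names and SHAs are
# made up for this example.
SAMPLE_EVENTS = """
{"type":"PushEvent","created_at":"2025-06-01T10:00:00Z","repo":{"name":"acme/api"},"payload":{"ref":"refs/heads/main","before":"aaa111","head":"bbb222","size":1,"commits":[{"sha":"bbb222","message":"add config"}]}}
{"type":"PushEvent","created_at":"2025-06-01T10:05:00Z","repo":{"name":"acme/api"},"payload":{"ref":"refs/heads/main","before":"bbb222","head":"ccc333","size":0,"commits":[]}}
{"type":"IssuesEvent","created_at":"2025-06-01T10:06:00Z","repo":{"name":"acme/api"},"payload":{"action":"opened"}}
{"type":"PushEvent","created_at":"2025-06-02T09:00:00Z","repo":{"name":"acme/web"},"payload":{"ref":"refs/heads/dev","before":"ddd444","head":"eee555","size":2,"commits":[{"sha":"eee555","message":"fix"}]}}
{"type":"PushEvent","created_at":"2025-06-02T09:30:00Z","repo":{"name":"acme/web"},"payload":{"ref":"refs/heads/dev","before":"eee555","head":"eee555","size":0,"commits":[]}}
{"type":"PushEvent","created_at":"2025-06-03T08:00:00Z","repo":{"name":"other/repo"},"payload":{"ref":"refs/heads/main","before":"fff666","head":"abc789","size":0,"commits":[]}}
"""


def is_force_push(event):
    """Assumed heuristic: a PushEvent that moved a ref to a new head while
    carrying zero new commits rewrote history, so the old tip ("before")
    is no longer reachable from any branch and may still hold secrets."""
    if event.get("type") != "PushEvent":
        return False
    payload = event["payload"]
    size = payload.get("size", len(payload.get("commits", [])))
    return size == 0 and payload["before"] != payload["head"]


def orphaned_commits(events_jsonl, org):
    """Return {repo_name: [(ref, orphaned_sha, new_sha, created_at), ...]}
    for every force push in the given organization's repositories."""
    found = defaultdict(list)
    for line in events_jsonl.splitlines():
        if not line.strip():
            continue
        event = json.loads(line)
        repo = event["repo"]["name"]
        if not repo.startswith(org + "/") or not is_force_push(event):
            continue
        p = event["payload"]
        found[repo].append((p["ref"], p["before"], p["head"], event["created_at"]))
    return dict(found)


if __name__ == "__main__":
    for repo, hits in orphaned_commits(SAMPLE_EVENTS, "acme").items():
        for ref, old_sha, new_sha, when in hits:
            print(f"{repo} {ref}: {old_sha} orphaned by {new_sha} at {when}")
```

Each orphaned SHA is a candidate for inspection in your own repositories; any credential found there should be treated as leaked and rotated.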
