GitHub rushed to fix a critical vulnerability in less than six hours

GitHub employees fixed a critical remote code execution vulnerability in less than six hours last month. Wiz Research used AI models to uncover a vulnerability in GitHub's internal git infrastructure that could have allowed attackers to access millions of public and private code repositories.

"Our security team immediately began validating the bug bounty report. Within 40 minutes, we had reproduced the vulnerability internally and confirmed the severity," explains Alexis Walesa, GitHub chief information security officer. "This was a critical issue that required immediate action."

GitHub's engineering team developed a fix and deployed it ju …

Read the full story at The Verge.