Without signing, Git Commit impersonation is trivially simple. It causes great confusion and can hurt your reputation. Git signing is simple but not well known across developers and repo owners. Learn how to sign your Git Commits and how to protect your repos in a few effective steps.

Five quarters after the Terrapin vulnerability disclosure and first patches of the Strict Kex extension to the SSH protocol, it is time to take a snapshot of the adoption process in the Internet and explore what has worked well and where more work is still to be done.

Attackers set up fake SSH servers, targeting users to unknowingly enter their corporate credentials. Traditionally, SSH security is thought from a server perspective. Did you know you can prevent this attack on the client side with a simple configuration change that almost nobody is aware of?