Microsoft-owned GitHub has updated its policies on sharing malware and exploits on the site to better support security researchers sharing so-called “dual use” software — or software that can be used for security research but which may be used to attack networks.
It admits the language it previously used was “overly broad”.
“We explicitly permit dual-use security technologies and content related to research into vulnerabilities, malware, and exploits,” says Michael Hanley, chief security officer of GitHub, in a blogpost.