Dangerous WebRAT malware now being spread by GitHub repositories

Kaspersky finds 15 malicious GitHub repositories posing as proof‑of‑concept exploits, some crafted with Gen AI Victims ...
Yahoo

GitHub users targeted with dangerous malware attacks - here's what we know

Security researchers have uncovered a sophisticated malware-as-a-service (MaaS) operation which exploits public GitHub repositories to compromise its targets. In a blog post, Cisco Talos said the ...
Hosted on MSN

Criminals are using a dangerous fake free VPN to spread malware via GitHub - here's how to stay safe

GitHub repositories host malware disguised as tools that gamers, and privacy-seekers are likely to download The fake VPN campaign drops malware straight into AppData and hides it from plain view ...

WebRAT malware spread via fake vulnerability exploits on GitHub

The WebRAT malware is now being distributed through GitHub repositories that claim to host proof-of-concept exploits for ...
Bleeping Computer

Millions of GitHub repos likely vulnerable to RepoJacking, researchers say

Millions of GitHub repositories may be vulnerable to dependency repository hijacking, also known as "RepoJacking," which could help attackers deploy supply chain attacks impacting a large number of ...
Dark Reading

Millions of Repos on GitHub Are Potentially Vulnerable to Hijacking

Millions of enterprise software repositories on GitHub are vulnerable to repojacking, a relatively simple kind of software supply chain attack where a threat actor redirects projects that are ...
Geeky Gadgets

Why your private GitHub repos may not be as secure as you think

Private and deleted GitHub repositories are not as secure as users might assume. Data from deleted forks, deleted repositories, and private repositories can still be accessed, often indefinitely. This ...
Threat Post

Attacker Breach ‘Dozens’ of GitHub Repos Using Stolen OAuth Tokens

GitHub shared the timeline of breaches in April 2022, this timeline encompasses the information related to when a threat actor gained access and stole private repositories belonging to dozens of ...
Dark Reading

GitHub Repos Targeted in Cyber-Extortion Attacks

An unknown user going by the handle "Gitloker" is grabbing and wiping clean repositories on GitHub in an apparent effort to extort victims. The campaign, which a researcher at Chilean cybersecurity ...
Ars Technica

GitHub besieged by millions of malicious repositories in ongoing attack

GitHub is struggling to contain an ongoing attack that’s flooding the site with millions of code repositories. These repositories contain obfuscated malware that steals passwords and cryptocurrency ...
TechCrunch

GitHub brings free secret scanning to all public repos

Every developer knows that it’s a bad idea to hardcode security credentials into source code. Yet it happens and when it does, the consequences can be dire. Until now, GitHub only made its secret ...