Tag: github

AI Agents Create Critical Supply Chain Risk in GitHub Actions

Dec 5, 2025 12:32 AM

Tags: ai, github, injection, leak, risk, supply-chain

PromptPwnd shows how simple prompt injections can let attackers compromise GitHub Actions and leak sensitive data. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/ai-agents-create-critical-supply-chain-risk-in-github-actions/
From feeds to flows: Using a unified linkage model to operationalize threat intelligence

Dec 4, 2025 6:32 PM

Tags: access, api, attack, authentication, automation, business, ciso, cloud, compliance, container, control, corporate, credentials, cyber, cybersecurity, data, defense, exploit, finance, firewall, framework, github, government, iam, identity, infrastructure, intelligence, ISO-27001, malicious, metric, mitre, monitoring, network, nist, open-source, phishing, risk, risk-assessment, risk-management, saas, service, siem, soc, software, supply-chain, tactics, threat, tool, update, vulnerability, zero-trust

what to watch for, but not why it matters or how it moves through your environment.The result is a paradox of abundance: CISOs have more data than ever before, but less operational clarity. Analysts are overwhelmed by indicators disconnected from context or mission relevance.Each feed represents a snapshot of a potential threat, but it does…
Shai-Hulud 2.0 NPM-Malware-Angriff erbeutet ~400 K Entwickler-Geheimnisse

Dec 4, 2025 5:32 AM

Tags: cyberattack, github, malware

Seit voriger Woche treibt Shai-Hulud 2.0, ein Wurm, sein Unwesen und schleust sich über NPM-Pakete von einem Opfer zum nächsten. Bisher wurden Zugangsdaten von über 25.000 GitHub-Repositories entwendet und bis zu 400.000 Entwicklergeheimnisse offoen gelegt. Auch die Sicherheitsforscher von Sysdig haben den … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/12/04/shai-hulud-2-0-npm-malware-angriff-erbeutet-400-k-entwickler-geheimnisse/
Shai-Hulud 2.0 NPM malware attack exposed up to 400,000 dev secrets

Dec 2, 2025 8:49 PM

Tags: attack, breach, data, data-breach, github, malware

The second Shai-Hulud attack last week exposed around 400,000 raw secrets after infecting hundreds of packages in the NPM (Node Package Manager) registry and publishing stolen data in 30,000 GitHub repositories. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/shai-hulud-20-npm-malware-attack-exposed-up-to-400-000-dev-secrets/
SmartTube Android TV App Compromised After Signing Keys Leak

Dec 2, 2025 4:49 PM

Tags: android, cyber, data-breach, github, leak, open-source

SmartTube, a popular open-source YouTube client for Android TV devices with over 25,900 GitHub stars, has been compromised after its digital signing keys were exposed, prompting an urgent security response from developer Yurii Liskov (yuliskov). The incident, disclosed on November 27, 2025, has forced affected users to reinstall the application under a new digital signature…
Contagious Interview attackers go ‘full stack’ to fool developers

Dec 1, 2025 5:49 PM

Tags: attack, control, credentials, crypto, data, endpoint, exploit, github, infrastructure, intelligence, macOS, malicious, malware, open-source, social-engineering, supply-chain, theft, threat, update, windows, worm

Coding tasks lead to malware delivery: These defensive measures are effective because Contagious Interview’s entry vector relies heavily on social engineering, using fake interview tasks to trick developers into installing compromised dependencies.The campaign exploits NPM, a widely used package registry for JavaScript and Node.js, by publishing packages that appear benign but carry hidden payloads. The…
Seit Wochen auf Github: Virenscanner scheitern an neuem Android-Trojaner

Nov 28, 2025 4:49 PM

Tags: android, github

Ein neuer Android-Trojaner namens Radzarat kursiert seit Wochen auf Github. Nur die wenigsten Virenscanner sehen ihn bisher als Bedrohung. First seen on golem.de Jump to article: www.golem.de/news/auf-github-verfuegbar-virenscanner-erkennen-oeffentlichen-android-trojaner-nicht-2511-202715.html
Seit Wochen auf Github: Virenscanner scheitern an öffentlichem Android-Trojaner

Nov 28, 2025 2:49 PM

Tags: android, github

Ein neuer Android-Trojaner namens Radzarat kursiert seit Wochen auf Github. Nur die wenigsten Virenscanner sehen ihn bisher als Bedrohung. First seen on golem.de Jump to article: www.golem.de/news/auf-github-verfuegbar-virenscanner-erkennen-oeffentlichen-android-trojaner-nicht-2511-202715.html
Auf Github verfügbar: Virenscanner erkennen öffentlichen Android-Trojaner nicht

Nov 28, 2025 1:49 PM

Tags: android, github

Ein neuer Android-Trojaner namens Radzarat kursiert seit Wochen auf Github. Nur die wenigsten Virenscanner sehen ihn bisher als Bedrohung. First seen on golem.de Jump to article: www.golem.de/news/auf-github-verfuegbar-virenscanner-erkennen-oeffentlichen-android-trojaner-nicht-2511-202715.html
KawaiiGPT: A Free WormGPT Clone Using DeepSeek, Gemini, and Kimi-K2 Models

Nov 28, 2025 6:49 AM

Tags: ai, cyber, github, open-source, tool

A new open-source tool called KawaiiGPT has surfaced on GitHub, positioning itself as a >>cute>jailbroken>WormGPT kawaii ver,
Security researchers caution app developers about risks in using Google Antigravity

Nov 28, 2025 5:49 AM

Tags: access, ai, attack, backdoor, control, cybersecurity, data, email, flaw, framework, github, google, identity, infrastructure, injection, malicious, malware, risk, threat, tool, vulnerability

CSOonline that the nature of the flaw makes it difficult to mitigate. “Strong identity would not help mitigate this issue, because the actions undertaken by Antigravity are occurring with the identity of the user running the application,” he said. “As far as the operating system can tell, they are indistinguishable. Access management control could possibly…
Security researchers caution app developers about risks in using Google Antigravity

Nov 28, 2025 5:49 AM

Tags: access, ai, attack, backdoor, control, cybersecurity, data, email, flaw, framework, github, google, identity, infrastructure, injection, malicious, malware, risk, threat, tool, vulnerability

CSOonline that the nature of the flaw makes it difficult to mitigate. “Strong identity would not help mitigate this issue, because the actions undertaken by Antigravity are occurring with the identity of the user running the application,” he said. “As far as the operating system can tell, they are indistinguishable. Access management control could possibly…
Security researchers caution app developers about risks in using Google Antigravity

Nov 28, 2025 5:49 AM

Tags: access, ai, attack, backdoor, control, cybersecurity, data, email, flaw, framework, github, google, identity, infrastructure, injection, malicious, malware, risk, threat, tool, vulnerability

CSOonline that the nature of the flaw makes it difficult to mitigate. “Strong identity would not help mitigate this issue, because the actions undertaken by Antigravity are occurring with the identity of the user running the application,” he said. “As far as the operating system can tell, they are indistinguishable. Access management control could possibly…
Security researchers caution app developers about risks in using Google Antigravity

Nov 28, 2025 5:49 AM

Tags: access, ai, attack, backdoor, control, cybersecurity, data, email, flaw, framework, github, google, identity, infrastructure, injection, malicious, malware, risk, threat, tool, vulnerability

CSOonline that the nature of the flaw makes it difficult to mitigate. “Strong identity would not help mitigate this issue, because the actions undertaken by Antigravity are occurring with the identity of the user running the application,” he said. “As far as the operating system can tell, they are indistinguishable. Access management control could possibly…
Security researchers caution app developers about risks in using Google Antigravity

Nov 28, 2025 5:49 AM

Tags: access, ai, attack, backdoor, control, cybersecurity, data, email, flaw, framework, github, google, identity, infrastructure, injection, malicious, malware, risk, threat, tool, vulnerability

CSOonline that the nature of the flaw makes it difficult to mitigate. “Strong identity would not help mitigate this issue, because the actions undertaken by Antigravity are occurring with the identity of the user running the application,” he said. “As far as the operating system can tell, they are indistinguishable. Access management control could possibly…
Shai Hulud v2 Exploits GitHub Actions to Steal Secrets

Nov 27, 2025 3:49 PM

Tags: attack, cyber, cybersecurity, data-breach, exploit, github, malicious, supply-chain, worm

A sophisticated supply chain attack has compromised hundreds of npm packages and exposed secrets from tens of thousands of GitHub repositories, with cybersecurity researchers now documenting how attackers weaponized GitHub Actions workflows to bootstrap one of the most aggressive worm campaigns in recent memory. On November 24, 2025, at 4:11 AM UTC, malicious versions of…
‘Shai-Hulud” In der neuen Version ist der Wurm noch schwerer zu entdecken, erzeugt Hintertüren für Spionage und löscht unwiederbringlich die Daten der Opfer

Nov 27, 2025 2:49 PM

Tags: github

Sysdig warnt vor einer neuen Version des Shai-Hulud-Wurms (auch als Sha1-Hulud bezeichnet), der am 24. November 2025 beobachtet wurde. Er verbreitet sich derzeit über verseuchte NPM-Pakete im Internet. Bislang sind über 800 Pakete betroffen, und Zugangsdaten für über 25.000 Github-Repositories wurden weitergegeben. Das Ausmaß und der Umfang der Auswirkungen auf die Opfer, die diese neue…
CrewAI GitHub Token Exposure Highlights the Growing Risk of Static Credentials in AI Systems

Nov 26, 2025 9:49 PM

Tags: ai, credentials, github, open-source, risk, service, vulnerability

3 min readAs AI platforms grow more complex and interdependent, small failures can cast long shadows. That’s what happened inside the open-source CrewAI platform, where a vulnerability in its error-handling logic surfaced during a provisioning failure. The resulting “exception response” the message a service returns when it encounters an unhandled error during a request contained……
CrewAI GitHub Token Exposure Highlights the Growing Risk of Static Credentials in AI Systems

Nov 26, 2025 9:49 PM

Tags: ai, credentials, github, open-source, risk, service, vulnerability

3 min readAs AI platforms grow more complex and interdependent, small failures can cast long shadows. That’s what happened inside the open-source CrewAI platform, where a vulnerability in its error-handling logic surfaced during a provisioning failure. The resulting “exception response” the message a service returns when it encounters an unhandled error during a request contained……
The Latest Shai-Hulud Malware is Faster and More Dangerous

Nov 25, 2025 10:49 PM

Tags: attack, github, malicious, malware, supply-chain

A new iteration of the Shai-Hulud malware that ran through npm repositories in September is faster, more dangerous, and more destructive, creating huge numbers of malicious repositories, compromised scripts, and GitHub users attacked, creating one of the most significant supply chain attacks this year. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/the-latest-shai-hulud-malware-is-faster-and-more-dangerous/
Sha1-Hulud Attack Hits 800+ npm Packages and Thousands of GitHub Repos

Nov 25, 2025 1:51 PM

Tags: attack, cyber, github, worm

Shai-Huluda, a self-replicating npm worm named after the sandworms in Dune, had struck again. This time, the attack was devastating in scale and sophistication, compromising over 800 npm packages with a combined 132 million monthly downloads across the ecosystem. The timing proved particularly strategic. The attack occurred just weeks before npm’s December 9 deadline to…
Sha1-Hulud Attack Hits 800+ npm Packages and Thousands of GitHub Repos

Nov 25, 2025 1:51 PM

Tags: attack, cyber, github, worm

Shai-Huluda, a self-replicating npm worm named after the sandworms in Dune, had struck again. This time, the attack was devastating in scale and sophistication, compromising over 800 npm packages with a combined 132 million monthly downloads across the ecosystem. The timing proved particularly strategic. The attack occurred just weeks before npm’s December 9 deadline to…
Sha1-Hulud Attack Hits 800+ npm Packages and Thousands of GitHub Repos

Nov 25, 2025 1:51 PM

Tags: attack, cyber, github, worm

Shai-Huluda, a self-replicating npm worm named after the sandworms in Dune, had struck again. This time, the attack was devastating in scale and sophistication, compromising over 800 npm packages with a combined 132 million monthly downloads across the ecosystem. The timing proved particularly strategic. The attack occurred just weeks before npm’s December 9 deadline to…
FAQ About Sha1-Hulud 2.0: The >>Second Coming<< of the npm Supply-Chain Campaign

Nov 25, 2025 9:49 AM

Tags: attack, cloud, corporate, data, defense, github, intelligence, malicious, malware, radius, risk, risk-analysis, supply-chain, tactics, threat, tool, update

Sha1-Hulud malware is an aggressive npm supply-chain attack compromising CI/CD and developer environments. This blog addresses frequently asked questions and advises cloud security teams to immediately audit for at least 800 compromised packages. A massive resurgence of the Sha1-Hulud malware family, self-titled by the attackers as “The Second Coming,” was observed around Nov. 24 targeting…
FAQ About Sha1-Hulud 2.0: The >>Second Coming<< of the npm Supply-Chain Campaign

Nov 25, 2025 9:49 AM

Tags: attack, cloud, corporate, data, defense, github, intelligence, malicious, malware, radius, risk, risk-analysis, supply-chain, tactics, threat, tool, update

Sha1-Hulud malware is an aggressive npm supply-chain attack compromising CI/CD and developer environments. This blog addresses frequently asked questions and advises cloud security teams to immediately audit for at least 800 compromised packages. A massive resurgence of the Sha1-Hulud malware family, self-titled by the attackers as “The Second Coming,” was observed around Nov. 24 targeting…
New Shai-Hulud worm spreading through npm, GitHub

Nov 25, 2025 5:49 AM

Tags: access, attack, authentication, automation, ciso, cloud, credentials, cybersecurity, data, data-breach, defense, dns, github, identity, login, malicious, malware, mfa, monitoring, network, open-source, phishing, resilience, sans, software, supply-chain, threat, unauthorized, worm

a thousand new GitHub repositories containing harvested victim data were being added every 30 minutes. And researchers at JFrog identified 181 compromised packages.The current campaign introduces a new variant, which Wiz researchers dub Shai-Hulud 2.0, that executes malicious code during the preinstall phase, “significantly increasing potential exposure in build and runtime environments.”The threat leverages…
Shai-Hulud worm returns stronger and more automated than ever before

Nov 25, 2025 12:49 AM

Tags: github, malware, open-source, worm

Self-replicating malware has infected almost 500 open-source packages, exposing more than 26,000 GitHub repositories in less than 24 hours. First seen on cyberscoop.com Jump to article: cyberscoop.com/supply-chain-attack-shai-hulud-npm/
Shai-Hulud worm returns stronger and more automated than ever before

Nov 25, 2025 12:49 AM

Tags: github, malware, open-source, worm

Self-replicating malware has infected almost 500 open-source packages, exposing more than 26,000 GitHub repositories in less than 24 hours. First seen on cyberscoop.com Jump to article: cyberscoop.com/supply-chain-attack-shai-hulud-npm/
Shai-Hulud 2.0: over 14,000 secrets exposed

Nov 24, 2025 7:49 PM

Tags: attack, breach, credentials, data-breach, github, supply-chain, threat

On November 24, a new wave of the Shai-Hulud supply chain attack emerged. The threat actors exfiltrate stolen credentials directly to GitHub repositories created with compromised tokens. GitGuardian identified 14,206 secrets across 487 organizations, with 2,485 still valid. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/shai-hulud-2-0-over-14000-secrets-exposed/
Shai-Hulud 2.0: over 14,000 secrets exposed

Nov 24, 2025 7:49 PM

Tags: attack, breach, credentials, data-breach, github, supply-chain, threat

On November 24, a new wave of the Shai-Hulud supply chain attack emerged. The threat actors exfiltrate stolen credentials directly to GitHub repositories created with compromised tokens. GitGuardian identified 14,206 secrets across 487 organizations, with 2,485 still valid. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/shai-hulud-2-0-over-14000-secrets-exposed/