Tag: github
-
Beware Developers Fake Coding Challenges Will Deploy FogDoor on Your System
Researchers has discovered a sophisticated malware operation that poses as a fake coding challenge and targets Polish-speaking professionals. This campaign, known as >>FizzBuzz to FogDoor,>FizzBuzz>Zadanie rekrutacyjne.iso,
-
GitHub Action attack initially set sights on Coinbase
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/github-action-attack-initially-set-sights-on-coinbase
-
âš¡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More
by
in SecurityNewsA quiet tweak in a popular open-source tool opened the door to a supply chain breach—what started as a targeted attack quickly spiraled, exposing secrets across countless projects.That wasn’t the only stealth move. A new all-in-one malware is silently stealing passwords, crypto, and control—while hiding in plain sight. And over 300 Android apps joined the…
-
âš¡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More
by
in SecurityNewsA quiet tweak in a popular open-source tool opened the door to a supply chain breach—what started as a targeted attack quickly spiraled, exposing secrets across countless projects.That wasn’t the only stealth move. A new all-in-one malware is silently stealing passwords, crypto, and control—while hiding in plain sight. And over 300 Android apps joined the…
-
Albabat Ransomware Expands Targets, Abuses GitHub
by
in SecurityNewsNew versions of the Albabat ransomware target Windows, Linux, and macOS, and retrieve configuration files from GitHub. The post Albabat Ransomware Expands Targets, Abuses GitHub appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/albabat-ransomware-expands-targets-abuses-github/
-
Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories’ CI/CD Secrets Exposed
by
in SecurityNewsThe supply chain attack involving the GitHub Action “tj-actions/changed-files” started as a highly-targeted attack against one of Coinbase’s open-source projects, before evolving into something more widespread in scope.”The payload was focused on exploiting the public CI/CD flow of one of their open source projects agentkit, probably with the purpose of leveraging it for further compromises,”…
-
GitHub Supply Chain Breach: Coinbase Attack Exposes 218 Repositories, Leaks CI/CD Secrets
by
in SecurityNewsThe supply chain attack involving the GitHub Action “tj-actions/changed-files” started as a highly-targeted attack against one of Coinbase’s open-source projects, before evolving into something more widespread in scope.”The payload was focused on exploiting the public CI/CD flow of one of their open source projects agentkit, probably with the purpose of leveraging it for further compromises,”…
-
CVE-2025-24813: Apache Tomcat Vulnerable to RCE Attacks
by
in SecurityNewsIntroductionCVE-2025-24813 was originally published on March 10 with a medium severity score of 5.5, and Apache Tomcat released an update to fix it. On March 12, the first attack was detected in Poland by Wallarm researchers, even before a Proof-of-Concept (PoC) was made public. After the PoC was released on March 13 on GitHub and…
-
Coinbase was primary target of recent GitHub Actions breaches
by
in SecurityNewsResearchers have determined that Coinbase was the primary target in a recent GitHub Actions cascading supply chain attack that compromised secrets in hundreds of repositories. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/coinbase-was-primary-target-of-recent-github-actions-breaches/
-
GitHub Action supply chain attack less impactful than thought
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/github-action-supply-chain-attack-less-impactful-than-thought
-
Albabat Ransomware Targets Windows, Linux, and macOS via GitHub Abuse
by
in SecurityNewsRecent research by Trend Micro has uncovered a significant evolution in the Albabat ransomware, which now targets not only Windows but also Linux and macOS systems. This expansion highlights the increasing sophistication of ransomware groups in exploiting multiple operating systems to maximize their impact. The Albabat group has been leveraging GitHub to streamline its operations,…
-
Coinbase originally targeted during GitHub Action supply chain attack
by
in SecurityNewsResearchers from Palo Alto Networks said the hackers likely planned to leverage an open source project of the company for additional attacks. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/coinbase-targeted-github-action-attack/743186/
-
Impact, Root Cause of GitHub Actions Supply Chain Hack Revealed
by
in SecurityNewsMore details have come to light on the recent supply chain attack targeting GitHub Actions, including its root cause. The post Impact, Root Cause of GitHub Actions Supply Chain Hack Revealed appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/impact-root-cause-of-github-actions-supply-chain-hack-revealed/
-
North Korean IT Workers Exploit GitHub to Launch Global Cyberattacks
by
in SecurityNewsA recent investigation by cybersecurity firm Nisos has uncovered a coordinated effort by North Korean IT workers to exploit GitHub for creating fake personas, enabling them to secure remote jobs in Japan and the United States. These individuals, posing as professionals from countries like Vietnam, Japan, and Singapore, primarily target roles in engineering and blockchain…
-
GitHub Action compromise linked to previously undisclosed attack
by
in SecurityNewsResearchers uncovered a March 11 incident that may have led to the larger supply chain attack.;; First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/github-action-compromise-linked-undisclosed-attack/743079/
-
GitHub Action supply chain attack exposed secrets in 218 repos
by
in SecurityNewsThe compromise of GitHub Action tj-actions/changed-files has impacted only a small percentage of the 23,000 projects using it, with it estimated that only 218 repositories exposed secrets due to the supply chain attack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/github-action-supply-chain-attack-exposed-secrets-in-218-repos/
-
CISA Warns of Active Exploitation in GitHub Action Supply Chain Compromise
by
in SecurityNews
Tags: breach, cisa, cve, cybersecurity, exploit, flaw, github, infrastructure, kev, malicious, supply-chain, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a vulnerability linked to the supply chain compromise of the GitHub Action, tj-actions/changed-files, to its Known Exploited Vulnerabilities (KEV) catalog.The high-severity flaw, tracked as CVE-2025-30066 (CVSS score: 8.6), involves the breach of the GitHub Action to inject malicious code that enables a remote First…
-
GitHub Action hack likely led to another in cascading supply chain attack
by
in SecurityNewsA cascading supply chain attack that began with the compromise of the “reviewdog/action-setup@v1” GitHub Action is believed to have led to the recent breach of “tj-actions/changed-files” that leaked CI/CD secrets. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/github-action-hack-likely-led-to-another-in-cascading-supply-chain-attack/
-
Thousands of GitHub repositories’ secrets exposed by supply chain compromise
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/thousands-of-github-repositories-secrets-exposed-by-supply-chain-compromise
-
Second GitHub Actions Supply Chain Attack Discovered
by
in SecurityNewsMalicious Code Injected in reviewdog Just Hours Before tj-actions Backdoored. Just days after researchers discovered an attack that subverted a widely used tool for software development platform GitHub, they discovered a second, prior attack, as part of what one expert said may be a chain of supply chain attacks eventually leading to a specific high-value…
-
New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors
by
in SecurityNewsCybersecurity researchers have disclosed details of a new supply chain attack vector dubbed Rules File Backdoor that affects artificial intelligence (AI)-powered code editors like GitHub Copilot and Cursor, causing them to inject malicious code.”This technique enables hackers to silently compromise AI-generated code by injecting hidden malicious instructions into seemingly innocent First seen on thehackernews.com Jump…
-
GitHub wird immer mehr zu einem digitalen Minenfeld
by
in SecurityNews
Tags: access, authentication, cloud, computer, cyberattack, cyberespionage, cybersecurity, github, malware, mfa, north-korea, password, updateZuerst waren nur einzelne GitHub-Repositories mit Malware infiziert. Mittlerweile geraten auch Entwickler und deren Konten direkt in das Visier von Cyberkriminellen.Die Plattform GitHub sorgt seit geraumer Zeit für negative Schlagzeilen, da ihre Repositories vermehrt mit Malware infiziert sind. Hierdurch versuchen Cyberkriminelle auf Geräte und Daten zuzugreifen.Jetzt wurden diese Aktivitäten auf Entwickler direkt ausgeweitet. Ziel dieser…
-
OAuth Attacks Target Microsoft 365, GitHub
In a cyber twist, attackers behind two of the campaigns are using the apps to redirect users to phishing and malware distribution sites. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/oauth-attacks-target-microsoft-365-github
-
Google acquisition target Wiz links fresh supply chain attack to 23K pwned GitHub repos
by
in SecurityNewsAd giant just confirmed its cloudy arm will embrace security shop in $30B deal First seen on theregister.com Jump to article: www.theregister.com/2025/03/18/wiz_github_supply_chain/
-
GitHub Actions supply chain attack spotlights CI/CD risks
by
in SecurityNewsExperts say a GitHub Actions vulnerability should renew enterprises’ attention to securing build pipelines the same way they secure production environments. First seen on techtarget.com Jump to article: www.techtarget.com/searchitoperations/news/366621078/GitHub-Actions-supply-chain-attack-spotlights-CI-CD-risks
-
GitHub Action tj-actions/changed-files was compromised in supply chain attack
by
in SecurityNewsThe GitHub Action tj-actions/changed-files was compromised, enabling attackers to extract secrets from repositories using the CI/CD workflow. Researchers reported that threat actors compromised the GitHub Action tj-actions/changed-files, allowing the leak of secrets from repositories using the continuous integration and continuous delivery CI/CD workflow. The tj-actions/changed-files GitHub Action is used in over 23,000 repositories, it automates workflows by…
-
Addressing The Growing Challenge of Generic Secrets: Beyond GitHub’s Push Protection
by
in SecurityNewsGeneric secrets are hard to detect and are getting leaked more often. See how GitGuardian offers advanced protection where GitHub’s push protection falls short. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/addressing-the-growing-challenge-of-generic-secrets-beyond-githubs-push-protection/
-
Addressing The Growing Challenge of Generic Secrets: Beyond GitHub’s Push Protection
by
in SecurityNewsGeneric secrets are hard to detect and are getting leaked more often. See how GitGuardian offers advanced protection where GitHub’s push protection falls short. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/addressing-the-growing-challenge-of-generic-secrets-beyond-githubs-push-protection/
-
Addressing The Growing Challenge of Generic Secrets: Beyond GitHub’s Push Protection
by
in SecurityNewsGeneric secrets are hard to detect and are getting leaked more often. See how GitGuardian offers advanced protection where GitHub’s push protection falls short. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/addressing-the-growing-challenge-of-generic-secrets-beyond-githubs-push-protection/