Tag: github
-
Angriffe auf npm-Lieferkette gefährden Entwicklungsumgebungen
Tags: ai, api, browser, bug, chrome, cloud, computer, control, cyberattack, data-breach, github, malware, software, supply-chain, toolAngriffe auf das NX-Build-System und React-Pakete zeigen, dass die Bedrohungen für Softwareentwicklung in Unternehmen immer größer werden.Ein ausgeklügelter Supply-Chain-Angriff hat das weit verbreitete Entwickler-Tool Nx-Build-System-Paket kompromittiert, das über den Node Package Manager (npm) installiert und verwendet wird. Dadurch wurden zahlreiche Anmeldedaten von Entwicklern offengelegt. Laut einem neuen Bericht des Sicherheitsunternehmens Wiz wurden bei dieser Kampagne…
-
Angriffe auf npm-Lieferkette gefährden Entwicklungsumgebungen
Tags: ai, api, browser, bug, chrome, cloud, computer, control, cyberattack, data-breach, github, malware, software, supply-chain, toolAngriffe auf das NX-Build-System und React-Pakete zeigen, dass die Bedrohungen für Softwareentwicklung in Unternehmen immer größer werden.Ein ausgeklügelter Supply-Chain-Angriff hat das weit verbreitete Entwickler-Tool Nx-Build-System-Paket kompromittiert, das über den Node Package Manager (npm) installiert und verwendet wird. Dadurch wurden zahlreiche Anmeldedaten von Entwicklern offengelegt. Laut einem neuen Bericht des Sicherheitsunternehmens Wiz wurden bei dieser Kampagne…
-
Anthropic is testing GPT Codex-like Claude Code web app
Anthropic is planning to bring the famous Claude Code to the web, and it might be similar to ChatGPT Codex, but you’ll need GitHub to get started. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/artificial-intelligence/anthropic-is-testing-gpt-codex-like-claude-code-web-app/
-
Anthropic is testing GPT Codex-like Claude Code web app
Anthropic is planning to bring the famous Claude Code to the web, and it might be similar to ChatGPT Codex, but you’ll need GitHub to get started. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/artificial-intelligence/anthropic-is-testing-gpt-codex-like-claude-code-web-app/
-
SUSE Fleet: Plain Text Storage of Vulnerability Exploit Helm Values
A high-severity vulnerability in SUSE’s Fleet, a GitOps management tool for Kubernetes clusters, has been disclosed by security researcher samjustus via GitHub Security Advisory GHSA-6h9x-9j5v-7w9h. The vulnerability, tracked as CVE-2024-52284, allows Helm chart values”, often containing sensitive credentials”, to be stored inside BundleDeployment resources in plain text, exposing them to any user with GET or…
-
SUSE Fleet: Plain Text Storage of Vulnerability Exploit Helm Values
A high-severity vulnerability in SUSE’s Fleet, a GitOps management tool for Kubernetes clusters, has been disclosed by security researcher samjustus via GitHub Security Advisory GHSA-6h9x-9j5v-7w9h. The vulnerability, tracked as CVE-2024-52284, allows Helm chart values”, often containing sensitive credentials”, to be stored inside BundleDeployment resources in plain text, exposing them to any user with GET or…
-
DPRK Remote Work Tactics: Leveraging Code-Sharing Platforms
DPRK IT workers have leveraged popular code-sharing platforms such as GitHub, CodeSandbox, and Medium to cultivate convincing developer portfolios and land remote positions under fabricated identities. Investigations reveal approximately 50 active GitHub profiles operated by North Korean actors, supplemented by dozens of profiles across niche freelancing and forum sites. These operatives employ deepfake profile photos,…
-
Malicious Nx Packages in ‘s1ngularity’ Attack Leaked 2,349 GitHub, Cloud, and AI Credentials
The maintainers of the nx build system have alerted users to a supply chain attack that allowed attackers to publish malicious versions of the popular npm package and other auxiliary plugins with data-gathering capabilities.”Malicious versions of the nx package, as well as some supporting plugin packages, were published to npm, containing code that scans the…
-
Nx NPM packages poisoned in AI-assisted supply chain attack
Stolen dev credentials posted to GitHub as attackers abuse CLI tools for recon First seen on theregister.com Jump to article: www.theregister.com/2025/08/27/nx_npm_supply_chain_attack/
-
Proxyware Malware Poses as YouTube Video Download Site, Delivering Malicious JavaScript
Cybersecurity researchers at AhnLab Security Intelligence Center (ASEC) have uncovered a persistent campaign where attackers distribute proxyware malware through fake YouTube video download pages. This operation, which mimics legitimate video downloading services, tricks users into installing malicious executables disguised as benign tools like WinMemoryCleaner. The attackers leverage GitHub for malware hosting, a tactic consistent with…
-
Rogue Go Module Doubles as Fast SSH Brute-Forcer, Sends Stolen Passwords via Telegram
Socket’s Threat Research Team has uncovered a deceptive Go module named golang-random-ip-ssh-bruteforce, which masquerades as an efficient SSH brute-forcing tool but secretly exfiltrates stolen credentials to its creator. Published on June 24, 2022, this package remains active on the Go Module ecosystem and GitHub, despite efforts to petition for its removal and the suspension of…
-
Mit dem Harmony-SASE-MCP-Server integriert Check Point SASE in KI-Tools
Check Point Software Technologies gibt seinen Kunden mit die Möglichkeit an die Hand, ihre alltäglichen KI-Tools mit Harmony-SASE zu verbinden. Auf diese Weise können die Unternehmenssicherheit und die Netzwerker schnell detaillierte Informationen erlangen. MCP ist ein offener Standard, mit dem KI- und IDE-Assistenten (Claude, Cursor, Github Copilot usw.) auf konsistente und […] First seen on…
-
Black Duck Debuts GitHub App to Automate Security Scans at Scale
Black Duck has released a new GitHub App designed to make it easier for development and security teams to automate security testing across their repositories. Now available in the GitHub Marketplace, the Black Duck Security GitHub App integrates with Polaris, Black Duck SCA, and Coverity, streamlining both onboarding and continuous synchronisation of GitHub repositories. The…
-
CodeRabbit RCE Flaw Gives Attackers Write Access to 1M Repositories
A critical remote code execution vulnerability in CodeRabbit, one of GitHub’s most popular AI-powered code review tools, could have allowed attackers to gain read and write access to over one million code repositories, including private ones, according to security researchers from Kudelski Security who disclosed the flaw at Black Hat USA 2024. The security flaw…
-
North Korea Uses GitHub in Diplomat Cyber Attacks as IT Worker Scheme Hits 320+ Firms
North Korean threat actors have been attributed to a coordinated cyber espionage campaign targeting diplomatic missions in their southern counterpart between March and July 2025.The activity manifested in the form of at least 19 spear-phishing emails that impersonated trusted diplomatic contacts with the goal of luring embassy staff and foreign ministry personnel with convincing meeting…
-
10 Major GitHub Risk Vectors Hidden in Plain Sight
By addressing these overlooked risk vectors, organizations can continue leveraging GitHub’s innovation while protecting against sophisticated supply chain attacks targeting interconnected software. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/10-github-risk-vectors
-
10 Major GitHub Risk Vectors Hidden in Plain Sight
By addressing these overlooked risk vectors, organizations can continue leveraging GitHub’s innovation while protecting against sophisticated supply chain attacks targeting interconnected software. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/10-github-risk-vectors
-
North Korean Kimsuky Hackers Use GitHub to Target Foreign Embassies with XenoRAT Malware
Tags: cyber, data-breach, email, espionage, github, group, hacker, malware, north-korea, password, phishing, spear-phishingThe Trellix Advanced Research Center exposed a DPRK-linked espionage operation attributed to the Kimsuky group (APT43), targeting diplomatic missions in South Korea. Between March and July, at least 19 spear-phishing emails impersonated trusted diplomatic contacts, delivering malware via password-protected ZIP archives hosted on Dropbox and Daum. These emails lured embassy staff with credible invitations to…
-
XenoRAT malware campaign hits multiple embassies in South Korea
A state-sponsored espionage campaign is targeting foreign embassies in South Korea to deploy XenoRAT malware from malicious GitHub repositories. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/xenorat-malware-campaign-hits-multiple-embassies-in-south-korea/
-
XenoRAT malware campaign hits multiple embassies in South Korea
A state-sponsored espionage campaign is targeting foreign embassies in South Korea to deploy XenoRAT malware from malicious GitHub repositories. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/xenorat-malware-campaign-hits-multiple-embassies-in-south-korea/
-
Paywalls der Verlage überwinden: Bypass Paywall Clean von Mozilla geblockt
Mozilla ging nun auch gegen das Tool Bypass Paywalls Clean vor. Beim Firefox ist das Add-on deaktiviert, GitHub löschte das Tool ohnehin. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/datenschutz/paywalls-der-verlage-ueberwinden-bypass-paywall-clean-von-mozilla-geblockt-319664.html
-
So verwundbar sind KI-Agenten
KI-Agenten sind nützlich und gefährlich, wie aktuelle Untersuchungserkenntnisse von Sicherheitsexperten demonstrieren.Large Language Models (LLMs) werden mit immer mehr Tools und Datenquellen verbunden. Das bringt Vorteile, vergrößert aber auch die Angriffsfläche und schafft für Cyberkriminelle neue Prompt-Injection-Möglichkeiten. Das ist bekanntermaßen keine neue Angriffstechnik, erreicht aber mit Agentic AI ein völlig neues Level. Das demonstrierten Research-Spezialisten des…
-
So verwundbar sind KI-Agenten
KI-Agenten sind nützlich und gefährlich, wie aktuelle Untersuchungserkenntnisse von Sicherheitsexperten demonstrieren.Large Language Models (LLMs) werden mit immer mehr Tools und Datenquellen verbunden. Das bringt Vorteile, vergrößert aber auch die Angriffsfläche und schafft für Cyberkriminelle neue Prompt-Injection-Möglichkeiten. Das ist bekanntermaßen keine neue Angriffstechnik, erreicht aber mit Agentic AI ein völlig neues Level. Das demonstrierten Research-Spezialisten des…
-
Code-Sicherheit in Echtzeit: Checkmarx stellt Developer Assist für KI-native IDEs vor
Checkmarx, der Marktführer im Bereich autonomer, Cloud- nativer Anwendungssicherheit, stellt Checkmarx One Developer Assist vor, mit Erweiterungen für etablierte KI-native Entwicklungsumgebungen wie Windsurf by Cognition, Cursor und GitHub Copilot. First seen on ap-verlag.de Jump to article: ap-verlag.de/code-sicherheit-in-echtzeit-checkmarx-stellt-developer-assist-fuer-ki-native-ides-vor/98058/
-
CastleLoader Malware Hits 400+ Devices via Cloudflare-Themed ClickFix Phishing Attack
CastleLoader, a sophisticated malware loader, has compromised over 400 devices since its debut in early 2025, with cybersecurity firm PRODAFT reporting 469 infections out of 1,634 attempts by May 2025, achieving a staggering 28.7% success rate. This modular threat actor leverages advanced phishing techniques, including Cloudflare-themed ClickFix lures and deceptive GitHub repositories, to deploy a…
-
CastleLoader Malware Hits 400+ Devices via Cloudflare-Themed ClickFix Phishing Attack
CastleLoader, a sophisticated malware loader, has compromised over 400 devices since its debut in early 2025, with cybersecurity firm PRODAFT reporting 469 infections out of 1,634 attempts by May 2025, achieving a staggering 28.7% success rate. This modular threat actor leverages advanced phishing techniques, including Cloudflare-themed ClickFix lures and deceptive GitHub repositories, to deploy a…
-
Malicious Go Packages Used by Threat Actors to Deploy Obfuscated Remote Payloads
Socket’s Threat Research Team has identified eleven malicious Go packages distributed via GitHub, with ten remaining active on the Go Module Mirror, posing ongoing risks to developers and CI/CD pipelines. Eight of these packages employ typosquatting techniques, mimicking legitimate modules to exploit namespace confusion in Go’s decentralized ecosystem, where direct imports from repositories can lead…