Tag: github
-
‘We too were breached,’ says Google, months after revealing Salesforce attacks
Attackers may have claimed a Google breach, too: GTIG had also disclosed extortion activities related to UNC6040 intrusions, sometimes carried out several months after the initial data theft, by another threat group, UNC6240, which identified themselves as the notorious BreachForums admin ‘ShinyHunters’. At the time, the GTIG team had presumed the claim to be a stunt…
-
Why the lifecycle of secrets defines your security posture
Over 39 million secrets were leaked on GitHub in 2024. Discover why most teams fail at secrets management and how lifecycle-aware practices can help. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/why-the-lifecycle-of-secrets-defines-your-security-posture/
-
Full Stack Development in the Age of LLMs: What CTOs and Product Leaders Must Know
In 2025, code isn’t just written; it’s generated, interpreted, and augmented by AI. GitHub Copilot is already writing 46% of code in supported languages, and… First seen on securityboulevard.com Jump to article: https://securityboulevard.com/2025/08/full-stack-development-in-the-age-of-llms-what-ctos-and-product-leaders-must-know/
-
Contrast Security Adds GitHub Copilot and Sumo Logic Integrations to ADR Platform
This week at the Black Hat USA 2025 conference, Contrast Security added integrations with GitHub Copilot and the security information and event management (SIEM) platform from Sumo Logic to the Northstar edition of its application detection and response (ADR) platform. The ADR platform from Contrast Security maps live attack paths and correlates runtime behavior to surface…
-
LegalPwn Attack Tricks GenAI Tools Into Misclassifying Malware as Safe Code
A new security flaw, LegalPwn, exploits a weakness in generative AI tools like GitHub Copilot and ChatGPT, where malicious code is disguised as legal disclaimers. Learn why human oversight is now more critical than ever for AI security. First seen on hackread.com Jump to article: hackread.com/legalpwn-attack-genai-tools-misclassify-malware-safe-code/
-
CISA releases Thorium, an open-source, scalable platform for malware analysis
Tags: access, ceo, cio, cisa, compliance, container, control, cyber, cybersecurity, data, docker, framework, github, governance, incident response, kubernetes, malware, open-source, privacy, risk, skills, tool
Rethinking malware analysis at scale: Enterprise-grade malware analysis tools and platforms have been widely used in the security community. But many of them require paid licenses, lack orchestration at scale, or are difficult to integrate with enterprise workflows. Experts view Thorium as a significant democratization of advanced malware analysis technology. “It is a big deal as…
-
Hackers Deploy Cobalt Strike Beacon Using GitHub and Social Media
A sophisticated cyberattack campaign disrupted the Russian IT industry and entities in several other countries, leveraging advanced evasion techniques to deploy the notorious Cobalt Strike Beacon. Attackers ingeniously concealed payload information within user profiles on platforms like GitHub, Microsoft Learn Challenge, Quora, and Russian social networks, blending malicious data into legitimate user-generated content to bypass…
-
Supply Chain Attacks Spotted in GitHub Actions, Gravity Forms, npm
Researchers discovered backdoors, poisoned code, and malicious commits in some of the more popular tool developers, jeopardizing software supply chains. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/supply-chain-attacks-github-actions-gravity-forms-npm
-
GitHub Outage Hits Users Globally, Core Services Unavailable
GitHub experienced a significant global outage on July 28-29, 2025, disrupting core services used by millions of developers worldwide. The incident, which lasted approximately eight hours, affected API requests, Issues, and Pull Requests functionality before being fully resolved early Tuesday morning. The outage began around 22:40 UTC on July 28, when GitHub’s engineering team started…
-
Hackers Breach Toptal GitHub, Publish 10 Malicious npm Packages With 5,000 Downloads
Tags: access, attack, authentication, breach, github, hacker, malicious, software, supply-chain, threat
In what’s the latest instance of a software supply chain attack, unknown threat actors managed to compromise Toptal’s GitHub organization account and leveraged that access to publish 10 malicious packages to the npm registry. The packages contained code to exfiltrate GitHub authentication tokens and destroy victim systems, Socket said in a report published last week. In…
-
Raven Stealer Malware Exploits Telegram to Steal Logins, Payment Data, and Autofill Info
Raven Stealer has emerged as sophisticated, lightweight information-stealing malware crafted in Delphi and C++, targeting Windows systems with a focus on extracting sensitive data like logins, payment details, and autofill information from Chromium-based browsers such as Chrome and Edge. First spotted on GitHub on July 15, 2025, this malware operates with high stealth, requiring minimal…
-
Amazon developer tool compromised
Tags: access, ai, cloud, cyberattack, cybersecurity, github, governance, hacker, injection, monitoring, open-source, risk, supply-chain, tool, update, vulnerability
Even the most powerful AI tools are counterproductive if they are not properly secured. A hacker managed to inject destructive system commands into the Visual Studio Code extension used to access Amazon’s AI-powered coding assistant Q. The attacker was able to compromise the developer tool (with more than 950,000 installations) via an unverified GitHub account: at the end of June 2025, he submitted a…
-
Microsoft-owned GitHub: Open source needs funding. Ya think?
‘Industry, national governments, and the EU’ must pay for maintainers. El Reg says charity shouldn’t start at home. First seen on theregister.com Jump to article: www.theregister.com/2025/07/24/microsoftowned_github_says_open_source/
-
Freelance dev shop Toptal caught serving malware after GitHub account break-in
Malicious code lurking in over 5,000 downloads, says Socket researcher. First seen on theregister.com Jump to article: www.theregister.com/2025/07/25/toptal_malware_attack/
-
Hacker Added Prompt to Amazon Q to Erase Files and Cloud Data
A hacker injected a malicious prompt into Amazon Q via GitHub, aiming to delete user files and wipe AWS data, exposing a major security flaw. First seen on hackread.com Jump to article: hackread.com/hacker-added-prompt-amazon-q-erase-files-cloud-data/
-
Malware Injected into 7 npm Packages After Maintainer Tokens Stolen in Phishing Attack
Cybersecurity researchers have alerted to a supply chain attack that has targeted popular npm packages via a phishing campaign designed to steal the project maintainers’ npm tokens. The captured tokens were then used to publish malicious versions of the packages directly to the registry without any source code commits or pull requests on their respective GitHub…
-
Prettier-ESLint npm packages hijacked in a sophisticated supply chain attack
Tags: attack, authentication, credentials, detection, github, malicious, mfa, phishing, rce, remote-code-execution, supply-chain, update
Automated GitHub alarms triggered a quick response: Detection was swift once the updates bypassed GitHub’s usual commit-based alerts and raised red flags in registry logs. The maintainer revoked the compromised token, deprecated the malicious releases, and collaborated with npm to remove them. Socket noted that the attack is a textbook example of “multi-stage supply chain compromise,”…
-
New Scanner Launched to Detect CVE-2025-53770 in SharePoint Servers
A cybersecurity researcher has released a new open-source scanner designed to detect a critical vulnerability affecting Microsoft SharePoint servers, providing organizations with a crucial tool to assess their security posture against the recently disclosed CVE-2025-53770 flaw. Rapid Response to Critical SharePoint Vulnerability: Belgian cybersecurity freelancer Niels Hofmans, known by the GitHub handle “hazcod,”…
-
Intel announces end of Clear Linux OS project, archives GitHub repos
The Clear Linux OS team has announced the shutdown of the project, marking the end of its 10-year existence in the open-source ecosystem. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/intel-announces-end-of-clear-linux-os-project-archives-github-repos/
-
Malware Injected into 5 npm Packages After Maintainer Tokens Stolen in Phishing Attack
Cybersecurity researchers have alerted to a supply chain attack that has targeted popular npm packages via a phishing campaign designed to steal the project maintainers’ npm tokens. The captured tokens were then used to publish malicious versions of the packages directly to the registry without any source code commits or pull requests on their respective GitHub…
-
Malware Injected into 6 npm Packages After Maintainer Tokens Stolen in Phishing Attack
Cybersecurity researchers have alerted to a supply chain attack that has targeted popular npm packages via a phishing campaign designed to steal the project maintainers’ npm tokens. The captured tokens were then used to publish malicious versions of the packages directly to the registry without any source code commits or pull requests on their respective GitHub…
-
Botnet Abuses GitHub Repositories to Spread Malware
Hackers Using Amadey Bot to Drop Payloads From Fake GitHub Accounts. Threat actors are using public GitHub repositories to host and distribute malware through the Amadey botnet in an ongoing campaign linked to a broader malware-as-a-service operation, Cisco Talos said in a report published Thursday. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/botnet-abuses-github-repositories-to-spread-malware-a-29014
-
Threat Actors Exploit GitHub Accounts to Host Payloads, Tools, and Amadey Malware Plugins
Cisco Talos researchers identified a sophisticated Malware-as-a-Service (MaaS) operation in April 2025 that employed the Amadey botnet to distribute various payloads. This operation exploited fake GitHub accounts as open directories for hosting malicious payloads, tools, and Amadey plugins, aiming to evade web filtering mechanisms and simplify distribution. By leveraging GitHub’s legitimate domain, threat actors could…
-
GitHub abused to distribute payloads on behalf of malware-as-a-service
The repository offered the MaaS a distribution channel not blocked in many networks. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/07/malware-as-a-service-caught-using-github-to-distribute-its-payloads/
-
Malware-as-a-service caught using GitHub to distribute its payloads
The repository offered the MaaS a distribution channel not blocked in many networks. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/07/malware-as-a-service-caught-using-github-to-distribute-its-payloads/
-
Hackers Use GitHub Repositories to Host Amadey Malware and Data Stealers, Bypassing Filters
Threat actors are leveraging public GitHub repositories to host malicious payloads and distribute them via Amadey as part of a campaign observed in April 2025. “The MaaS [malware-as-a-service] operators used fake GitHub accounts to host payloads, tools, and Amadey plug-ins, likely as an attempt to bypass web filtering and for ease of use,” Cisco Talos researchers…
-
Malware-as-a-Service Campaign Exploits GitHub to Deliver Payloads
A new malware campaign uses GitHub to deliver payloads via Amadey botnet, bypassing email distribution. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/maas-campaign-github-payloads/

