Tag: github

WhatsApp API worked exactly as promised, and stole everything

Dec 23, 2025 1:19 PM

Tags: access, api, attack, backdoor, encryption, endpoint, github, malicious, malware, metric, monitoring, supply-chain, threat, tool, update

Backdoor sticks around even after package removal: Koi said the most significant component of the attack was its persistence. WhatsApp allows users to link multiple devices to a single account through a pairing process involving an 8-character code. The malicious lotusbail package hijacked this mechanism by embedding a hardcoded pairing code that effectively added the…
Scammers use AI to make fake art seem real

Dec 22, 2025 6:19 PM

Tags: ai, attack, credentials, cyber, github, leak, scam, startup, threat, training

Human-in-the-loop isn’t enough: New attack turns AI safeguards into exploitsAI startups leak sensitive credentials on GitHub, exposing models and training dataAI hallucinations lead to a new cyber threat: Slopsquatting First seen on csoonline.com Jump to article: www.csoonline.com/article/4110618/scammers-use-ai-to-make-fake-art-seem-real.html
AI-Generated Code Ships Faster, But Crashes Harder

Dec 19, 2025 9:19 PM

Tags: ai, github

Machine-Written Pull Requests Contain 70% More Bugs. CodeRabbit analyzed 470 GitHub pull requests and found AI-generated code introduces more defects than human-written code across logic, security, maintainability and performance categories, with severity spiking higher as well. The use of AI code generation has expanded across the industry. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/ai-generated-code-ships-faster-but-crashes-harder-a-30352
What’s Powering Enterprise AI in 2025: ThreatLabz Report Sneak Peek

Dec 18, 2025 6:19 AM

Tags: access, ai, api, attack, business, communications, compliance, control, corporate, data, exploit, finance, github, google, intelligence, LLM, malware, mitigation, openai, privacy, programming, risk, saas, service, social-engineering, software, supply-chain, threat, tool, vulnerability

As 2025 comes to a close, artificial intelligence (AI) is a clear throughline across enterprise organizations. Many teams are still in the thick of implementing AI or deciding where and how to use it. Keeping up with usage trends and developments on top of that has become increasingly difficult. AI innovation moves fast and LLMs…
What’s Powering Enterprise AI in 2025: ThreatLabz Report Sneak Peek

Dec 18, 2025 6:19 AM

Tags: access, ai, api, attack, business, communications, compliance, control, corporate, data, exploit, finance, github, google, intelligence, LLM, malware, mitigation, openai, privacy, programming, risk, saas, service, social-engineering, software, supply-chain, threat, tool, vulnerability

As 2025 comes to a close, artificial intelligence (AI) is a clear throughline across enterprise organizations. Many teams are still in the thick of implementing AI or deciding where and how to use it. Keeping up with usage trends and developments on top of that has become increasingly difficult. AI innovation moves fast and LLMs…
What’s Powering Enterprise AI in 2025: ThreatLabz Report Sneak Peek

Dec 18, 2025 6:19 AM

Tags: access, ai, api, attack, business, communications, compliance, control, corporate, data, exploit, finance, github, google, intelligence, LLM, malware, mitigation, openai, privacy, programming, risk, saas, service, social-engineering, software, supply-chain, threat, tool, vulnerability

As 2025 comes to a close, artificial intelligence (AI) is a clear throughline across enterprise organizations. Many teams are still in the thick of implementing AI or deciding where and how to use it. Keeping up with usage trends and developments on top of that has become increasingly difficult. AI innovation moves fast and LLMs…
The 12 Months of Innovation: How Salt Security Helped Rewrite API AI Security in 2025

Dec 17, 2025 3:19 PM

Tags: access, ai, api, attack, automation, breach, business, ciso, cloud, compliance, control, crowdstrike, cyber, data, data-breach, defense, detection, email, exploit, github, governance, injection, insurance, intelligence, privacy, risk, risk-management, software, strategy, supply-chain, threat, tool, waf

As holiday lights go up and inboxes fill with year-in-review emails, it’s tempting to look back on 2025 as “the year of AI.” But for security teams, it was something more specific the year APIs, AI agents, and MCP servers collided across the API fabric, expanding the attack surface faster than most organizations could keep…
Android Users at Risk as Malware Poses as mParivahan and e-Challan Apps

Dec 15, 2025 9:19 PM

Tags: android, credentials, cyber, finance, github, government, india, malicious, malware, phishing, risk, service

A sophisticated Android malware campaign dubbed NexusRoute is actively targeting Indian users by impersonating the Indian Government Ministry, mParivahan, and e-Challan services to steal credentials and carry out large-scale financial fraud. The operation combines phishing, malware, and surveillance capabilities. It is being distributed via malicious APKs hosted on GitHub and clusters of phishing domains that…
GitHub Scanner for React2Shell (CVE-2025-55182) Turns Out to Be Malware

Dec 15, 2025 6:19 PM

Tags: cve, data-breach, github, malware, vulnerability

A GitHub repository posing as a vulnerability scanner for CVE-2025-55182, also referred to as “React2Shell,” was exposed as… First seen on hackread.com Jump to article: hackread.com/github-scanner-react2shell-cve-2025-55182-malware/
December Patch Tuesday: Windows Cloud Files Mini Filter Driver hole already being exploited

Dec 10, 2025 5:33 AM

Tags: access, apache, api, attack, cloud, cve, cvss, data, email, exploit, flaw, github, identity, injection, LLM, microsoft, office, phishing, remote-code-execution, risk, sap, threat, unauthorized, update, vulnerability, windows

CVE-2025-64666, an escalation of privilege (EoP) hole allowed by improper input validation;CVE-2025-64667, which allows a threat actor to spoof over a network.While rated Important and assessed as exploitation Less/Unlikely, Walters notes that these flaws affect core messaging and identity surfaces, and can become critical when chained, such as by spoofing enabling phishing, or EoP facilitating mailbox…
GitHub Action Secrets aren’t secret anymore: exposed PATs now a direct path into cloud environments

Dec 10, 2025 5:33 AM

Tags: access, api, authentication, awareness, cloud, credentials, data-breach, detection, exploit, github, infrastructure, malicious, mfa, monitoring, security-incident, strategy, threat, training

Easily evading detection: Wiz found that a threat actor with basic read permissions via a PAT can use GitHub’s API code search to discover secret names embedded directly in a workflow’s yaml code, accessed via “${{ secrets.SECRET_NAME }}.”The danger is that this secret discovery method is difficult to monitor because search API calls are not…
GitHub Action Secrets aren’t secret anymore: exposed PATs now a direct path into cloud environments

Dec 10, 2025 5:33 AM

Tags: access, api, authentication, awareness, cloud, credentials, data-breach, detection, exploit, github, infrastructure, malicious, mfa, monitoring, security-incident, strategy, threat, training

Easily evading detection: Wiz found that a threat actor with basic read permissions via a PAT can use GitHub’s API code search to discover secret names embedded directly in a workflow’s yaml code, accessed via “${{ secrets.SECRET_NAME }}.”The danger is that this secret discovery method is difficult to monitor because search API calls are not…
December Patch Tuesday: Windows Cloud Files Mini Filter Driver hole already being exploited

Dec 10, 2025 5:33 AM

Tags: access, apache, api, attack, cloud, cve, cvss, data, email, exploit, flaw, github, identity, injection, LLM, microsoft, office, phishing, remote-code-execution, risk, sap, threat, unauthorized, update, vulnerability, windows

CVE-2025-64666, an escalation of privilege (EoP) hole allowed by improper input validation;CVE-2025-64667, which allows a threat actor to spoof over a network.While rated Important and assessed as exploitation Less/Unlikely, Walters notes that these flaws affect core messaging and identity surfaces, and can become critical when chained, such as by spoofing enabling phishing, or EoP facilitating mailbox…
December Patch Tuesday: Windows Cloud Files Mini Filter Driver hole already being exploited

Dec 10, 2025 5:33 AM

Tags: access, apache, api, attack, cloud, cve, cvss, data, email, exploit, flaw, github, identity, injection, LLM, microsoft, office, phishing, remote-code-execution, risk, sap, threat, unauthorized, update, vulnerability, windows

CVE-2025-64666, an escalation of privilege (EoP) hole allowed by improper input validation;CVE-2025-64667, which allows a threat actor to spoof over a network.While rated Important and assessed as exploitation Less/Unlikely, Walters notes that these flaws affect core messaging and identity surfaces, and can become critical when chained, such as by spoofing enabling phishing, or EoP facilitating mailbox…
GitHub Action Secrets aren’t secret anymore: exposed PATs now a direct path into cloud environments

Dec 10, 2025 5:33 AM

Tags: access, api, authentication, awareness, cloud, credentials, data-breach, detection, exploit, github, infrastructure, malicious, mfa, monitoring, security-incident, strategy, threat, training

Easily evading detection: Wiz found that a threat actor with basic read permissions via a PAT can use GitHub’s API code search to discover secret names embedded directly in a workflow’s yaml code, accessed via “${{ secrets.SECRET_NAME }}.”The danger is that this secret discovery method is difficult to monitor because search API calls are not…
Critical Vulnerabilities Found in GitHub Copilot, Gemini CLI, Claude, and Other AI Tools Affect Millions

Dec 8, 2025 7:35 AM

Tags: ai, attack, cyber, data, exploit, github, tool, vulnerability

A groundbreaking security research project has uncovered a new class of vulnerabilities affecting virtually every major AI-powered integrated development environment (IDE) and coding assistant on the market. Dubbed >>IDEsaster,
Critical Vulnerabilities Found in GitHub Copilot, Gemini CLI, Claude, and Other AI Tools Affect Millions

Dec 8, 2025 7:35 AM

Tags: ai, attack, cyber, data, exploit, github, tool, vulnerability

A groundbreaking security research project has uncovered a new class of vulnerabilities affecting virtually every major AI-powered integrated development environment (IDE) and coding assistant on the market. Dubbed >>IDEsaster,
AWS AI IDE, AgentCore throw down gauntlets for Microsoft

Dec 6, 2025 1:32 AM

Tags: ai, github, microsoft, update

Kiro emerges as a significant alternative to GitHub Copilot agents, while AWS AgentCore updates square off against Agent 365 in the battle for enterprise AI development. First seen on techtarget.com Jump to article: www.techtarget.com/searchsoftwarequality/news/366635669/AWS-AI-IDE-AgentCore-throw-down-gauntlets-for-Microsoft
AI Agents Create Critical Supply Chain Risk in GitHub Actions

Dec 5, 2025 12:32 AM

Tags: ai, github, injection, leak, risk, supply-chain

PromptPwnd shows how simple prompt injections can let attackers compromise GitHub Actions and leak sensitive data. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/ai-agents-create-critical-supply-chain-risk-in-github-actions/
From feeds to flows: Using a unified linkage model to operationalize threat intelligence

Dec 4, 2025 6:32 PM

Tags: access, api, attack, authentication, automation, business, ciso, cloud, compliance, container, control, corporate, credentials, cyber, cybersecurity, data, defense, exploit, finance, firewall, framework, github, government, iam, identity, infrastructure, intelligence, ISO-27001, malicious, metric, mitre, monitoring, network, nist, open-source, phishing, risk, risk-assessment, risk-management, saas, service, siem, soc, software, supply-chain, tactics, threat, tool, update, vulnerability, zero-trust

what to watch for, but not why it matters or how it moves through your environment.The result is a paradox of abundance: CISOs have more data than ever before, but less operational clarity. Analysts are overwhelmed by indicators disconnected from context or mission relevance.Each feed represents a snapshot of a potential threat, but it does…
Shai-Hulud 2.0 NPM-Malware-Angriff erbeutet ~400 K Entwickler-Geheimnisse

Dec 4, 2025 5:32 AM

Tags: cyberattack, github, malware

Seit voriger Woche treibt Shai-Hulud 2.0, ein Wurm, sein Unwesen und schleust sich über NPM-Pakete von einem Opfer zum nächsten. Bisher wurden Zugangsdaten von über 25.000 GitHub-Repositories entwendet und bis zu 400.000 Entwicklergeheimnisse offoen gelegt. Auch die Sicherheitsforscher von Sysdig haben den … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/12/04/shai-hulud-2-0-npm-malware-angriff-erbeutet-400-k-entwickler-geheimnisse/
Shai-Hulud 2.0 NPM malware attack exposed up to 400,000 dev secrets

Dec 2, 2025 8:49 PM

Tags: attack, breach, data, data-breach, github, malware

The second Shai-Hulud attack last week exposed around 400,000 raw secrets after infecting hundreds of packages in the NPM (Node Package Manager) registry and publishing stolen data in 30,000 GitHub repositories. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/shai-hulud-20-npm-malware-attack-exposed-up-to-400-000-dev-secrets/
SmartTube Android TV App Compromised After Signing Keys Leak

Dec 2, 2025 4:49 PM

Tags: android, cyber, data-breach, github, leak, open-source

SmartTube, a popular open-source YouTube client for Android TV devices with over 25,900 GitHub stars, has been compromised after its digital signing keys were exposed, prompting an urgent security response from developer Yurii Liskov (yuliskov). The incident, disclosed on November 27, 2025, has forced affected users to reinstall the application under a new digital signature…
Contagious Interview attackers go ‘full stack’ to fool developers

Dec 1, 2025 5:49 PM

Tags: attack, control, credentials, crypto, data, endpoint, exploit, github, infrastructure, intelligence, macOS, malicious, malware, open-source, social-engineering, supply-chain, theft, threat, update, windows, worm

Coding tasks lead to malware delivery: These defensive measures are effective because Contagious Interview’s entry vector relies heavily on social engineering, using fake interview tasks to trick developers into installing compromised dependencies.The campaign exploits NPM, a widely used package registry for JavaScript and Node.js, by publishing packages that appear benign but carry hidden payloads. The…
Seit Wochen auf Github: Virenscanner scheitern an neuem Android-Trojaner

Nov 28, 2025 4:49 PM

Tags: android, github

Ein neuer Android-Trojaner namens Radzarat kursiert seit Wochen auf Github. Nur die wenigsten Virenscanner sehen ihn bisher als Bedrohung. First seen on golem.de Jump to article: www.golem.de/news/auf-github-verfuegbar-virenscanner-erkennen-oeffentlichen-android-trojaner-nicht-2511-202715.html
Seit Wochen auf Github: Virenscanner scheitern an öffentlichem Android-Trojaner

Nov 28, 2025 2:49 PM

Tags: android, github

Ein neuer Android-Trojaner namens Radzarat kursiert seit Wochen auf Github. Nur die wenigsten Virenscanner sehen ihn bisher als Bedrohung. First seen on golem.de Jump to article: www.golem.de/news/auf-github-verfuegbar-virenscanner-erkennen-oeffentlichen-android-trojaner-nicht-2511-202715.html
Auf Github verfügbar: Virenscanner erkennen öffentlichen Android-Trojaner nicht

Nov 28, 2025 1:49 PM

Tags: android, github

Ein neuer Android-Trojaner namens Radzarat kursiert seit Wochen auf Github. Nur die wenigsten Virenscanner sehen ihn bisher als Bedrohung. First seen on golem.de Jump to article: www.golem.de/news/auf-github-verfuegbar-virenscanner-erkennen-oeffentlichen-android-trojaner-nicht-2511-202715.html
KawaiiGPT: A Free WormGPT Clone Using DeepSeek, Gemini, and Kimi-K2 Models

Nov 28, 2025 6:49 AM

Tags: ai, cyber, github, open-source, tool

A new open-source tool called KawaiiGPT has surfaced on GitHub, positioning itself as a >>cute>jailbroken>WormGPT kawaii ver,
Security researchers caution app developers about risks in using Google Antigravity

Nov 28, 2025 5:49 AM

Tags: access, ai, attack, backdoor, control, cybersecurity, data, email, flaw, framework, github, google, identity, infrastructure, injection, malicious, malware, risk, threat, tool, vulnerability

CSOonline that the nature of the flaw makes it difficult to mitigate. “Strong identity would not help mitigate this issue, because the actions undertaken by Antigravity are occurring with the identity of the user running the application,” he said. “As far as the operating system can tell, they are indistinguishable. Access management control could possibly…
Security researchers caution app developers about risks in using Google Antigravity

Nov 28, 2025 5:49 AM

Tags: access, ai, attack, backdoor, control, cybersecurity, data, email, flaw, framework, github, google, identity, infrastructure, injection, malicious, malware, risk, threat, tool, vulnerability

CSOonline that the nature of the flaw makes it difficult to mitigate. “Strong identity would not help mitigate this issue, because the actions undertaken by Antigravity are occurring with the identity of the user running the application,” he said. “As far as the operating system can tell, they are indistinguishable. Access management control could possibly…