Tag: github
-
Hackers Post Dozens of Malicious Copycat Repos to GitHub
As package registries find better ways to combat cyberattacks, threat actors are finding other methods for spreading their malware to developers. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/dozens-malicious-copycat-repos-github
-
GitHub hit by a sophisticated malware campaign as ‘Banana Squad’ mimics popular repos
The campaign had a tell: ReversingLabs observed a few telling signs about the repositories that can help catch the infection at its source. “For the majority of the malicious repositories, the owner only has that (the malicious one) one repository listed under its GitHub account,” Simmons said. “This indicates that these kinds of user accounts…
-
200+ Trojanized GitHub Repositories Found in Campaign Targeting Gamers and Developers
Cybersecurity researchers have uncovered a new campaign in which the threat actors have published more than 67 GitHub repositories that claim to offer Python-based hacking tools, but deliver trojanized payloads instead.The activity, codenamed Banana Squad by ReversingLabs, is assessed to be a continuation of a rogue Python campaign that was identified in 2023 as targeting…
-
16 Billion Passwords Stolen From 320 Million+ Computers Leaked Online
Tags: apple, breach, computer, credentials, cyber, cybersecurity, data, data-breach, github, google, government, identity, Internet, leak, login, password, risk, serviceA staggering 16 billion login credentials, usernames, and passwords have been exposed in what cybersecurity experts are calling the largest data breach in internet history. The leak, which impacts major platforms including Apple, Facebook, Google, Instagram, Telegram, GitHub, and even government services, has put billions of online accounts at unprecedented risk of account takeover, identity…
-
67 Trojanized GitHub Repositories Found in Campaign Targeting Gamers and Developers
Cybersecurity researchers have uncovered a new campaign in which the threat actors have published more than 67 GitHub repositories that claim to offer Python-based hacking tools, but deliver trojanized payloads instead.The activity, codenamed Banana Squad by ReversingLabs, is assessed to be a continuation of a rogue Python campaign that was identified in 2023 as targeting…
-
Banana Squad Hides Data-Stealing Malware in Fake GitHub Repositories
Banana Squad hid data-stealing malware in fake GitHub repos posing as Python tools, tricking users and targeting sensitive info like browser and wallet data. First seen on hackread.com Jump to article: hackread.com/banana-squad-data-stealing-malware-github-repositories/
-
Banana Squad’s Stealthy GitHub Malware Campaign Targets Devs
Banana Squad exploited GitHub to distribute malicious Python code disguised as legitimate tools First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/banana-squads-github-malware/
-
Datendiebstahl: Malware tarnt sich als Minecraft-Cheat
Viele Minecraft-Fans haben sich auf Github ein Cheat-Tool heruntergeladen. Es handelt sich aber wohl um Malware, die Daten stiehlt. First seen on golem.de Jump to article: www.golem.de/news/datendiebstahl-malware-tarnt-sich-als-minecraft-cheat-2506-197290.html
-
Malicious Minecraft mods distributed by the Stargazers DaaS target Minecraft gamers
Java-based malware targets Minecraft users via fake cheat tools, utilizing the Stargazers Ghost Network distribution-as-a-service (DaaS). Check Point researchers found a multi-stage malware on GitHub targeting Minecraft users via Stargazers DaaS, using Java/.NET stealers disguised as cheat tools. Minecraft, one of the world’s most popular games with over 200 million monthly players and 300 million…
-
Threat Actor Exploit GitHub and Hosted 60 GitHub Repositories with 100s of Malware
A threat actor group known as Banana Squad has been found exploiting GitHub, a cornerstone platform for developers worldwide, by hosting over 60 malicious repositories containing hundreds of trojanized Python files. Discovered by the ReversingLabs threat research team, this campaign represents a shift toward stealthier and more sophisticated tactics in open-source exploitation. Sophisticated Supply Chain…
-
Solving the Engineering Productivity Paradox
There’s a huge focus on speeding up code production using tools like GitHub Copilot, Cursor, and others. And the results are honestly stunning, but increasingly, the bottleneck popping up is in the code review phase. Sonar CEO, Tariq Shaukat, shares how AI-generated code absolutely must be reviewed before it’s merged into your codebase, and how…
-
Free AI coding security rules now available on GitHub
Developers are turning to AI coding assistants to save time and speed up their work. But these tools can also introduce security risks if they suggest flawed or unsafe code. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/17/free-ai-coding-security-rules/
-
Sicherheitsrisiko bei Salesforce Industry Cloud
Die Salesforce Industry Cloud ist mit Konfigurationsrisiken behaftet.Die vertikal ausgerichtete Lösungssuite Salesforce Industry Cloud umfasst eine Low-Code-Plattform, die vorgefertigte Tools für die digitale Transformation für bestimmte Branchen wie Finanzdienstleistungen und Fertigung bereitstellt. Forscher von AppOmni haben nun herausgefunden, dass Kunden ihre Komponenten leicht falsch konfigurieren können. Dadurch besteht die Gefahr, dass Angreifer Zugriff auf verschlüsselte…
-
Water Curse Hacker Group Uses 76 GitHub Accounts to Spread Multistage Malware
A newly identified threat actor known as Water Curse has been linked to a sprawling campaign utilizing at least 76 GitHub accounts to distribute weaponized repositories packed with multistage malware. This financially motivated group leverages the inherent trust in open-source platforms to target a diverse range of victims, including cybersecurity professionals, red teamers, penetration testers,…
-
Secretless Access for GitHub Actions and Workflows
6 min readProtect GitHub Actions environment variables with secretless authentication. Avoid static secrets and secure your CI/CD pipelines the modern way. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/06/secretless-access-for-github-actions-and-workflows/
-
‘Water Curse’ Targets Infosec Pros Via Poisoned GitHub Repositories
The emerging threat group attacks the supply chain via weaponized repositories posing as legitimate pen-testing suites and other tools that are poisoned with malware. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/water-curse-targets-cybersecurity-pros-github-repos
-
‘Dangerous’ vulnerability in GitLab Ultimate Enterprise Edition
Tags: access, ai, attack, authentication, best-practice, ceo, communications, control, cve, cvss, data, flaw, github, gitlab, incident response, injection, malicious, mfa, password, risk, service, vulnerabilityCVE-2025-2254, a cross-site scripting issue, which, under certain conditions, could allow an attacker to act like a legitimate user by injecting a malicious script into the snippet viewer.All GitLab CE/EE versions from 17.9 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2 are impacted;CVE-2025-0673, a vulnerability that can cause a denial of service by triggering…
-
Developers Beware Sophisticated Phishing Scams Exploit GitHub Device Code Flow to Hijack Tokens
A sophisticated and increasing wave of cyberattacks now targets software developers through a little-known yet legitimate GitHub feature: the OAuth 2.0 Device Code Flow. Security experts, notably from Praetorian, have warned that threat actors are leveraging this mechanism to trick developers into surrendering access to their most sensitive code repositories and CI/CD pipelines. The attacks…
-
Ungepatchte Lücken ermöglichen Übernahme von GitLab-Konten
Tags: access, authentication, best-practice, bug, ceo, ciso, cve, cvss, cyberattack, dos, github, gitlab, incident response, injection, jobs, mfa, password, risk, sans, service, software, update, vulnerabilityExperten warnen vor einem neuen Bug in GitLab.Eine neue Sicherheitslücke in der Ultimate Enterprise Edition von GitLab ist laut einem Experten ‘gefährlich” und muss schnell gepatcht werden.Die Schwachstelle mit der Bezeichnung CVE-2025-5121 ist eine von zehn, die GitLab am Mittwoch bei der Veröffentlichung von Bugfixes und Sicherheits-Updates für selbstverwaltete Installationen beschrieben hat.’Wir empfehlen dringend, alle…
-
Unpatched holes could allow takeover of GitLab accounts
Tags: access, attack, authentication, best-practice, ceo, communications, control, cve, cvss, data, github, gitlab, incident response, malicious, mfa, password, risk, service, vulnerabilityCVE-2025-2254, a cross-site scripting issue, which, under certain conditions, could allow an attacker to act like a legitimate user by injecting a malicious script into the snippet viewer.All GitLab CE/EE versions from 17.9 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2 are impacted;CVE-2025-0673, a vulnerability that can cause a denial of service by triggering…
-
Neues GenAI-Tool soll Open-Source-Sicherheit erhöhen
Tags: ai, bug, chatgpt, cvss, exploit, github, incident response, linux, LLM, open-source, tool, update, vulnerabilityEin neu entwickeltes GenAI-Tool soll helfen, Schwachstellen in großen Open-Source-Repositories zu erkennen und zu patchen.Niederländische und iranische Sicherheitsforscher haben ein neues Tool auf Basis von generativer KI (GenAI) ins Leben gerufen, das Plattformen wie ChatGPT ermöglichen soll, Bugs in Code-Repositories zu erkennen und zu patchen.Die Anwendung wurde getestet, indem GitHub nach einer bestimmten Schwachstelle durch…
-
Cyberkriminelle zielen mit gefälschter Malware und Gaming-Cheats auf ihre eigenen Leute
Nur ein Scherz unter Gaunern oder gleich ein neuer Geschäftszweig? Dass Cyberkriminelle es auf ihre Kollegen abgesehen haben, ist den Experten von Sophos X-Ops nicht neu. Nun hat Sophos 133 gefälschte Repositories aufgedeckt, die zu einer Kampagne gehören. Die Experten von Sophos-X-Ops veröffentlichten kürzlich eine Studie über 133 gefälschte Repositories auf Github, die Möchtegern-Kriminelle und…
-
Gefälschter Malware und Gaming Cheats: Keine Kollegialität unter Cyberkriminellen
Die Experten von Sophos X-Ops veröffentlichten kürzlich eine Studie über 133 gefälschte Repositories auf GitHub, die Möchtegern-Kriminelle und Gamer anvisiert. Diese Repositories ob nun als Schadsoftware, Angriffstools oder Gaming Cheats beworben funktionieren allerdings nicht, wenn die Anwender den Codiercode kompilieren oder ausführen. Stattdessen infizieren sie die Computer anderer Anwender mit Malware. Trotz der First seen…
-
How Code Provenance Can Prevent Supply Chain Attacks
Through artifact attestation and the SLSA framework, GitHub’s Jennifer Schelkopf argues that at least some supply chain attacks can be stopped in their tracks. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/github-code-provenance-supply-chain-attacks
-
Beware of Instagram Growth Tools Stealing Login Credentials and Sending Them to Attackers
A discovery by Socket’s Threat Research Team has unveiled a malicious Python package named imad213, masquerading as an Instagram growth tool. Created by a threat actor identified as im_ad__213 with the associated email madmadimado59@gmail[.]com, this malware cunningly tricks users into surrendering their Instagram credentials. Deceptive Python Package Targets Instagram Users Promoted with a polished GitHub…
-
Malicious Actors Exploit SoraAI’s Popularity GitHub to Distribute Malware
Threat actors are leveraging the growing popularity of OpenAI’s Sora, a cutting-edge video generation model, to distribute malicious software. Disguised as a legitimate shortcut file named >>SoraAI.lnk,
-
New DuplexSpy RAT Gives Attackers Full Control Over Windows Machines
A new Remote Access Trojan (RAT) named DuplexSpy has surfaced, posing a significant threat to Windows-based systems worldwide. Developed in C# by GitHub user ISSAC/iss4cf0ng and released publicly on April 15, 2025, with a stated intent of >>educational purposes,
-
Cloud assets have 115 vulnerabilities on average, some several years old
Tags: access, ai, api, attack, cloud, credentials, data, data-breach, github, gitlab, iam, infrastructure, risk, service, strategy, threat, vulnerabilityIsolated risks lead to bigger issues: Orca also warns that half of organizations have assets exposing attack paths that can lead to sensitive data exposure, as well as 23% with paths that lead to broad permission access and compromised hosts. Attack paths are the combination of risks that appear isolated but can be combined to…
-
Hundreds of Malicious GitHub Repos Targeting Novice Cybercriminals Traced to Single User
Sophos X-Ops researchers have identified over 140 GitHub repositories laced with malicious backdoors, orchestrated by a single threat actor associated with the email address ischhfd83[at]rambler[.]ru. Initially sparked by a customer inquiry into the Sakura RAT, a supposed open-source malware touted for its >>sophisticated anti-detection capabilities,
-
Backdoored Malware Reels in Newbie Cybercriminals
Sophos researchers found this operation has similarities or connections to many other campaigns targeting GitHub repositories dating back to August 2022. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/backdoored-malware-new-cybercriminals