Tag: github
-
Xanthorox Emerging BlackHat AI Tool Empowering Hackers in Phishing and Malware Campaigns
Tags: ai, conference, crypto, cyber, cybercrime, cybersecurity, dark-web, github, hacker, intelligence, malware, phishing, tool
Artificial intelligence platform named Xanthorox has emerged as a potent new tool for cybercriminals, enabling the automated generation of phishing campaigns, malware, and hyperrealistic deepfakes. Unlike traditional dark-web tools restricted to hidden forums, Xanthorox’s developer openly advertises its capabilities on public platforms like GitHub, YouTube, and Telegram while accepting cryptocurrency payments for access. Cybersecurity experts…
-
BSidesLV24 GroundFloor Detection Engineering Demystified: Building Custom Detections For GitHub Enterprise
Author/Presenter: David French. Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & Casino; and via the organization’s YouTube channel. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/bsideslv24-groundfloor-detection-engineering-demystified-building-custom-detections-for-github-enterprise/
-
Linux wiper malware hidden in malicious Go modules on GitHub
A supply-chain attack targets Linux servers with disk-wiping malware hidden in Golang modules published on GitHub. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/linux-wiper-malware-hidden-in-malicious-go-modules-on-github/
-
xAI Developer Accidentally Leaks API Key Granting Access to SpaceX, Tesla, and X LLMs
An employee at Elon Musk’s artificial intelligence venture, xAI, inadvertently disclosed a sensitive API key on GitHub, potentially exposing proprietary large language models (LLMs) linked to SpaceX, Tesla, and Twitter/X. Cybersecurity specialists estimate the leak remained active for two months, offering outsiders the capability to access and query highly confidential AI systems engineered with internal…
-
Hackers Weaponize Go Modules to Deliver Disk-Wiping Malware, Causing Massive Data Loss
Tags: attack, cyber, cybersecurity, data, exploit, github, hacker, malicious, malware, programming, sans, supply-chain
Cybersecurity researchers uncovered a sophisticated supply chain attack targeting the Go programming language ecosystem in April 2025. Hackers have weaponized three malicious Go modules (github[.]com/truthfulpharm/prototransform, github[.]com/blankloggia/go-mcp, and github[.]com/steelpoor/tlsproxy) to deploy devastating disk-wiping malware. Leveraging the decentralized nature of Go’s module system, where developers directly import dependencies from public repositories like GitHub sans centralized gatekeeping, attackers exploit namespace…
-
Hackers Exploit Critical NodeJS Vulnerabilities to Hijack Jenkins Agents for RCE
Tags: cyber, exploit, flaw, github, hacker, infrastructure, rce, remote-code-execution, risk, supply-chain, vulnerability
Security researchers have identified critical vulnerabilities in the Node.js CI/CD infrastructure, exposing internal Jenkins agents to remote code execution and raising the risk of supply chain attacks. These flaws stemmed from the integration and communication gaps between multiple DevOps platforms (specifically GitHub Apps, GitHub Actions workflows, and Jenkins pipelines) that collectively manage Node.js’ continuous integration processes. Exploiting…
-
GitHub secrets: Deleted files still pose risks
git diff) the list of files with its parent commit,” Brizinov said. Once deleted files were restored, a simple search for secrets that were still active was performed through another automation. AI made the exploit much easier: Interestingly, Brizinov relied on AI to do a lot of routine tasks in the exploit. For instance, a…
-
Researcher turns deleted files into 64,000 US dollars
Tags: github
A security researcher has discovered tokens and credentials in the GitHub repos of several Fortune 500 companies that were supposed to have been deleted long ago. First seen on golem.de Jump to article: www.golem.de/news/github-forscher-macht-aus-geloeschten-dateien-64-000-us-dollar-2504-195616.html
-
CrazyHunter Hacker Group Exploits Open-Source GitHub Tools to Target Organizations
A relatively new ransomware outfit known as CrazyHunter has emerged as a significant threat, particularly targeting Taiwanese organizations. The group, which started its operations in the healthcare, education, and industrial sectors of Taiwan, leverages sophisticated cyber techniques to disrupt essential services. Sophisticated Techniques and Open-Source Exploitation CrazyHunter’s toolkit is largely composed of open-source tools sourced…
-
Latest Mustang Panda Arsenal: ToneShell and StarProxy – P1
Introduction: The Zscaler ThreatLabz team discovered new activity associated with Mustang Panda, originating from two machines from a targeted organization in Myanmar. This research led to the discovery of new ToneShell variants and several previously undocumented tools. Mustang Panda, a China-sponsored espionage group, traditionally targets government-related entities, military entities, minority groups, and non-governmental organizations (NGOs) primarily…
-
MITRE CVE Program Funding Set To Expire
Tags: cve, cvss, cybersecurity, data, github, identity, intelligence, mitre, monitoring, nist, technology, update, vulnerability, vulnerability-management
MITRE’s CVE program has been an important pillar in cybersecurity for over two decades. The lack of certainty surrounding the future of the CVE program creates great uncertainty about how newly discovered vulnerabilities will be cataloged. Background: On April 15, reports circulated that the contract for funding the Common Vulnerabilities and Exposures (CVE) program along…
-
Cable: Powerful Post-Exploitation Toolkit for Active Directory Attacks
Cybersecurity researchers are raising alarms about Cable, a potent open-source post-exploitation toolkit designed to exploit Active Directory (AD) vulnerabilities. With 298 GitHub stars and 33 forks since its release, this .NET-based tool is rapidly gaining traction among threat actors for its precision in reconnaissance and privilege escalation. Overview of Cable’s Capabilities Developed as a learning project…
-
GitHub Announces General Availability of Security Campaigns
GitHub security campaigns make it easier for developers and security teams to collaborate on fixing vulnerabilities in their applications. The post GitHub Announces General Availability of Security Campaigns appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/github-announces-general-availability-of-security-campaigns/
-
APT32 Turns GitHub into a Weapon Against Security Teams and Enterprise Networks
Southeast Asian Advanced Persistent Threat (APT) group OceanLotus, also known as APT32, has been identified as employing GitHub to conduct a sophisticated poison attack against Chinese cybersecurity professionals. The ThreatBook Research and Response Team has meticulously analyzed this incident, which began its nefarious spread in mid-September 2024, resulting in a targeted assault on various Chinese…
-
Neptune RAT spreads across GitHub, Telegram, and YouTube
First seen on scworld.com Jump to article: www.scworld.com/news/neptune-rat-spreads-across-github-telegram-and-youtube
-
The Silent Threat in CI/CD: How Hackers Target Your Automation?
Let’s enter the world of software development! Automation has now become the heartbeat of contemporary DevOps practices. However, on the backdrop, the threat associated with it has been growing at a similar rate. Tools like GitHub Actions are known to streamline workflows by automating the testing process, deployment, and integration tasks. As the world talked…
-
That massive GitHub supply chain attack? It all started with a stolen SpotBugs token
But this mystery isn’t over yet, Unit 42 opines First seen on theregister.com Jump to article: www.theregister.com/2025/04/07/github_supply_chain_attack/
-
Exposed SpotBugs token caused GitHub supply chain intrusion, report finds
First seen on scworld.com Jump to article: www.scworld.com/brief/exposed-spotbugs-token-caused-github-supply-chain-intrusion-report-finds
-
Big hole in big data: Critical deserialization bug in Apache Parquet allows RCE
No known exploits yet: Neither Endor Labs nor NIST’s NVD entry reported any exploit attempts using CVE-2025-30065 as of publication of this article. Apache silently pushed a fix with the release of 1.15.1 on March 16, 2025, with a GitHub redirect to changes made in the update. Endor Labs advised prompt patching of the vulnerability, which…
-
SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack
The cascading supply chain attack that initially targeted Coinbase before becoming more widespread to single out users of the “tj-actions/changed-files” GitHub Action has been traced further back to the theft of a personal access token (PAT) related to SpotBugs. “The attackers obtained initial access by taking advantage of the GitHub Actions workflow of SpotBugs, a popular…
-
Tj-actions Supply Chain Attack Traced Back to Single GitHub Token Compromise
The threat actors initially attempted to compromise projects associated with the Coinbase cryptocurrency exchange, said Palo Alto Networks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/tj-actions-supply-chain-attack/
-
Compromised SpotBugs Token Led to GitHub Actions Supply Chain Hack
Evidence shows a SpotBugs token compromised in December 2024 was used in the March 2025 GitHub Actions supply chain attack. The post Compromised SpotBugs Token Led to GitHub Actions Supply Chain Hack appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/compromised-spotbugs-token-led-to-github-actions-supply-chain-hack/
-
AI programming copilots are worsening code security and leaking more secrets
Tags: access, ai, api, application-security, attack, authentication, best-practice, breach, ceo, ciso, container, control, credentials, cybersecurity, data, data-breach, github, government, incident response, injection, least-privilege, LLM, monitoring, open-source, openai, password, programming, risk, skills, software, strategy, tool, training, vulnerability
Overlooked security controls: Ellen Benaim, CISO at enterprise content management firm Templafy, said AI coding assistants often fail to adhere to the robust secret management practices typically observed in traditional systems. “For example, they may insert sensitive information in plain text within source code or configuration files,” Benaim said. “Furthermore, because large portions of code are…
-
39M secrets exposed: GitHub rolls out new security tools
39 Million Secrets Leaked on GitHub in 2024 GitHub found 39M secrets leaked in 2024 and launched new tools to help developers and organizations secure sensitive data in code. Microsoft-owned code hosting platform GitHub announced the discovery of 39 million secrets leaked in 2024. The exposure of this sensitive information poses a serious risk to…
-
Recent GitHub supply chain attack traced to leaked SpotBugs token
A cascading supply chain attack on GitHub that targeted Coinbase in March has now been traced back to a single token stolen from a SpotBugs workflow, which allowed a threat actor to compromise multiple GitHub projects. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/recent-github-supply-chain-attack-traced-to-leaked-spotbugs-token/
-
39 Million Secrets Leaked on GitHub in 2024
GitHub has announced new capabilities to help organizations and developers keep secrets in their code protected. The post 39 Million Secrets Leaked on GitHub in 2024 appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/39-million-secrets-leaked-on-github-in-2024/
-
Massive GitHub Leak: 39M API Keys Credentials Exposed How to Strengthen Security
Over 39 million API keys, credentials, and other sensitive secrets were exposed on GitHub in 2024, raising considerable alarm within the developer community and enterprises globally. The scale and impact of this leak have underscored the growing risks tied to improperly handled credentials and highlighted the urgent need for robust security practices. GitHub, the world’s…

