Tag: github
-
One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens
Cybersecurity researchers have disclosed a one-click attack via Microsoft Visual Studio Code (VS Code) that makes it possible to steal a user’s GitHub token. “Just by clicking a link, it’s possible for an attacker to steal a GitHub token that can read and write to your repos, including private ones,” security researcher Ammar Askar said. GitHub supports…
-
38% of GitHub Actions Workflows Exposed to Script Injection Risks
Analysis has revealed that 38% of organizations are running GitHub Actions workflows vulnerable to script injection or unsafe trigger configurations, highlighting a growing risk in modern software supply chains. GitHub plays a central role in development pipelines by automating build, test, and deployment tasks through YAML-defined workflows and reusable actions. These workflows often run with…
-
Fed Up with Microsoft: Researcher Leaks Zero-Day Exploit for GitHub Data Theft
Besides Chaotic Eclipse, Microsoft has apparently angered yet another researcher, who has now published a dangerous GitHub exploit. First seen on golem.de Jump to article: www.golem.de/news/kein-bock-auf-microsoft-forscher-leakt-zero-day-exploit-fuer-github-datenklau-2606-209348.html
-
VS Code zero-day lets hackers steal GitHub tokens in one click
A security researcher has released exploit code for a Visual Studio Code (VS Code) zero-day vulnerability that allows attackers to steal GitHub authentication tokens by tricking users into clicking a link. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/vs-code-zero-day-lets-hackers-steal-github-tokens-in-one-click/
-
1-Click GitHub Vulnerability Enables OAuth Token Theft
A newly disclosed vulnerability in GitHub’s browser-based editor, GitHub.dev, allows attackers to steal powerful OAuth tokens with just a single click, giving them read and write access to private repositories. The flaw exploits how Visual Studio Code (VSCode) webviews handle keyboard events and message passing, enabling a malicious repository to execute attacker-controlled actions inside the…
-
Red Hat Confirms Supply Chain Breach Impacting @redhatservices npm Packages
Red Hat has confirmed a supply chain security breach impacting multiple npm packages under the @redhat-cloud-services namespace, as detailed in security bulletin RHSB-2026-006 released on June 2, 2026. The incident was publicly disclosed a day earlier and stems from a compromised GitHub account that introduced malicious code into trusted repositories maintained within Red Hat’s infrastructure.…
-
From Infostealer Infection to Cloud Takeover in a Few Steps: Megalodon Compromises 5,561 GitHub Repositories in Six Hours
First seen on security-insider.de Jump to article: www.security-insider.de/megalodon-malware-5561-github-repositories-aws-google-cloud-azure-a-d947799b5657a19025ee9afb057d8c33/
-
Claude Code GitHub Actions Flaw Created Supply Chain Attack Risk
Claude Code GitHub Actions flaws could enable repository compromise, credential theft, and supply chain attacks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/claude-code-github-actions-flaw-created-supply-chain-attack-risk/
-
Red Hat removes tainted packages after software pipeline compromise
According to the company’s preliminary analysis, a compromised GitHub account was used to push the malicious code out to customers, hitting 32 packages downloaded roughly 117,000 times a week. First seen on therecord.media Jump to article: therecord.media/red-hat-removes-tainted-packages-after-software-pipeline-compromise
-
Claude Code GitHub Actions Flaw Exposes Repositories to Full Compromise
A critical supply chain vulnerability in Anthropic’s Claude Code GitHub Actions workflow has been disclosed, exposing thousands of repositories to potential full compromise through a single malicious GitHub issue. Security researcher Ryota K from GMO Flat Security identified multiple flaws in the Claude Code integration that allowed attackers to bypass permission controls and inject untrusted…
-
Critical Plesk Vulnerability Lets Users Execute Server Commands
A newly disclosed critical vulnerability in Plesk is raising serious security concerns after researchers confirmed that low-privileged users can execute arbitrary commands on affected servers. Tracked as CVE-2026-44962, the vulnerability affects Plesk for Linux and is linked to improper input handling in the APS Application Catalog search functionality. The issue was published in the GitHub…
-
Megalodon Campaign Shakes the Software Supply Chain
Thousands of GitHub repositories were infected with malware that steals credentials. Megalodon’s latest threat campaign is shaking an already heavily strained software supply chain. A commentary by Shane Barney, CISO of Keeper Security: “The Megalodon campaign shows where the risk in the software supply chain really lies. Within just six hours, attackers pushed malicious commits into more than 5,500 GitHub repositories…
-
OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack
Tags: android, attack, authentication, breach, cybersecurity, github, malicious, openai, supply-chain, tool
Cybersecurity researchers have disclosed details of a new malicious supply chain campaign that’s targeting developers using OpenAI Codex through a legitimate-looking remote web UI. The tool, named codexui-android, is advertised on GitHub and npm as a remote web UI for OpenAI Codex, attracting over 29,000 weekly downloads. The package is still available for download from the…
-
Feeding Frenzy: ‘Megalodon’ Malware Infects Thousands of GitHub Repos
In just six hours, the campaign quietly pushed thousands of malicious commits to more than 5,500 GitHub repositories, stealing credentials, developer secrets, and more. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/megalodon-malware-infects-thousands-github-repos
-
Angular Language Service Extension Flaws Allow Remote Code Execution
Tags: advisory, attack, cyber, flaw, github, malicious, remote-code-execution, risk, service, vulnerability
Multiple high-severity vulnerabilities have been discovered in the Angular Language Service VS Code extension (Angular.ng-template), exposing developers to remote code execution (RCE) attacks through malicious project files and dependencies. The issues, tracked under GitHub advisory GHSA-ccq4-xmxr-8hcq, affect all versions before 21.2.4 and have been patched in the latest release. These flaws pose significant risks to…
-
Megalodon Malware Infects Thousands of GitHub Repositories
The Megalodon malware campaign has attacked more than 5,000 GitHub repositories. Attackers compromised automated CI/CD workflows. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/github-megalodon-malware
-
GitHub Account Suspended: Dispute Between Microsoft and Chaotic Eclipse Escalates
Security researcher Chaotic Eclipse keeps publishing new zero-day exploits for Windows. Now Microsoft has apparently made him really angry. First seen on golem.de Jump to article: www.golem.de/news/github-konto-gesperrt-streit-zwischen-microsoft-und-chaotic-eclipse-eskaliert-2605-209024.html
-
Multiple 7-Zip Vulnerabilities Enable Arbitrary Code Execution
Multiple memory safety bugs in 7-Zip 26.00 allow remote attackers to leak sensitive data and, in at least one case, execute arbitrary code when a victim opens a crafted archive file. GitHub Security Lab has disclosed a critical heap buffer overflow in 7-Zip’s NTFS handler (GHSL-2026-140, CVE-2026-48095), alongside a cluster of additional memory access violations…
-
Megalodon Supply Chain Attack Hits 5,500+ GitHub Repositories in Six Hours
A large-scale software supply chain attack dubbed “Megalodon” has compromised more than 5,500 repositories on GitHub, raising fresh concerns about the growing abuse of automated development pipelines and GitHub Actions workflows. The incident, uncovered by SafeDep, involved thousands of malicious commits that injected credential-stealing payloads into repositories over a short period of time. First seen…
-
Automated ‘Megalodon’ Campaign Spreads GitHub Repo Backdoors
Supply-Chain Attack Uses Malicious GitHub Actions Workflow File to Steal Secrets. More than 5,000 GitHub repositories fell victim to an automated campaign, codenamed Megalodon, in which an attacker injected malicious GitHub Actions that executed a script designed to steal development environment secrets, plus a variety of keys, tokens and other credentials, researchers said. First seen…
-
GitHub Strengthens npm Security With Staged Publishing Protection
GitHub has introduced a major security enhancement to the npm ecosystem with the general availability of staged publishing and new install-time controls in npm CLI version 11.15.0. These updates are designed to reduce software supply chain risks, particularly those arising from compromised developer accounts, malicious package updates, and automated CI/CD workflows. GitHub Strengthens npm Security…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 98
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Malware Newsletter: Popular node-ipc npm Package Infected with Credential Stealer; New Actors Deploy Shai-Hulud Clones: TeamPCP Copycats Are Here; Active Supply Chain Attack Compromises @antv Packages on npm; actions-cool/issues-helper GitHub Action Compromised: All Tags Point to…
-
Week in review: GitHub breached via poisoned VS Code extension, critical NGINX flaw exploited
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/24/week-in-review-github-breached-via-poisoned-vs-code-extension-critical-nginx-flaw-exploited/
-
Laravel Lang packages hijacked to deploy credential-stealing malware
A supply chain attack targeting the Laravel Lang localization packages has exposed developers to a sophisticated credential-stealing malware campaign after attackers abused GitHub version tags to distribute malicious code through Composer packages. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/laravel-lang-packages-hijacked-to-deploy-credential-stealing-malware/
-
npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks
GitHub has rolled out new controls for npm to improve the security of the software supply chain, giving maintainers the ability to explicitly approve a release prior to the packages becoming publicly available for installation. Called staged publishing, the feature is now generally available on npm. It mandates that a human maintainer pass a two-factor authentication…
-
Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
A new “coordinated” supply chain attack campaign has impacted eight packages on Packagist including malicious code designed to run a Linux binary retrieved from a GitHub Releases URL. “Although the affected packages were all Composer packages, the malicious code was not added to composer.json,” Socket said. “Instead, it was inserted into package.json, targeting projects that ship…
-
Attack on GitHub via Compromised Device: Hackers Steal 3,800 Internal Repositories
First seen on t3n.de Jump to article: t3n.de/news/github-hacker-stehlen-repositories-1743454/