Tag: github
-
65% of Leading AI Companies Found Leaking Secrets on GitHub
Wiz Security found 65% of top AI companies leaked secrets on GitHub, exposing sensitive data and highlighting critical security gaps. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/ai-companies-leak-secrets/
-
Fake NPM Package With 206K Downloads Targeted GitHub for Credentials
Veracode Threat Research exposed a targeted typosquatting attack on npm, where the malicious package @acitons/artifact stole GitHub tokens. Learn how this supply chain failure threatened the GitHub organisation’s code. First seen on hackread.com Jump to article: hackread.com/fake-npm-package-downloads-github-credentials/
-
Researchers Detect Malicious npm Package Targeting GitHub-Owned Repositories
Cybersecurity researchers have discovered a malicious npm package named “@acitons/artifact” that typosquats the legitimate “@actions/artifact” package with the intent to target GitHub-owned repositories.”We think the intent was to have this script execute during a build of a GitHub-owned repository, exfiltrate the tokens available to the build environment, and then use those tokens to publish First…
-
AI startups leak sensitive credentials on GitHub, exposing models and training data
Tags: ai, api, attack, compliance, credentials, cybersecurity, data, data-breach, framework, github, governance, leak, startup, trainingCompliance and governance: The Wiz findings highlight how exposed API keys can escalate into full-scale compromises across AI ecosystems, according to Sakshi Grover, senior research manager for IDC Asia Pacific Cybersecurity Services. “Stolen credentials can be used to manipulate model behavior or extract training data, undermining trust in deployed systems.”Grover noted that such exposures are…
-
Leaks auf Github: Top-KI-Unternehmen haben ihre Keys nicht im Griff
Forscher haben auf Github allerhand private Schlüssel, Tokens und weitere Anmeldedaten von einem Großteil der Forbes AI 50 entdeckt. First seen on golem.de Jump to article: www.golem.de/news/leaks-auf-github-viele-top-ki-unternehmen-haben-ihre-keys-nicht-im-griff-2511-202054.html
-
65% of Top AI Firms Found Exposing Verified API Keys and Tokens on GitHub
A comprehensive security analysis has uncovered a troubling reality: 65% of leading AI companies have leaked verified secrets on GitHub, exposing critical API keys, authentication tokens, and sensitive credentials that could compromise their entire organizations. Researchers examined 50 prominent AI companies from the Forbes AI 50 list and discovered that nearly two-thirds had exposed verified…
-
How GlassWorm wormed its way back into developers’ code, and what it says about open source security
Tags: access, ai, attack, blockchain, ciso, control, credentials, crypto, cybersecurity, data, data-breach, endpoint, exploit, framework, github, google, infrastructure, law, malicious, malware, marketplace, monitoring, open-source, resilience, service, software, supply-chain, threat, tool, update, wormadhamu.history-in-sublime-merge (downloaded 4,000 times)ai-driven-dev.ai-driven-dev (downloaded 3,300 times)yasuyuky.transient-emacs (downloaded 2,400 times)All three GlassWorm extensions are “still literally invisible” in code editors, the researchers note. They are encoded in unprintable Unicode characters that look like blank space to the human eye, but execute as JavaScript.The attackers have posted new transactions to the Solana blockchain that outline updated…
-
How GlassWorm wormed its way back into developers’ code, and what it says about open source security
Tags: access, ai, attack, blockchain, ciso, control, credentials, crypto, cybersecurity, data, data-breach, endpoint, exploit, framework, github, google, infrastructure, law, malicious, malware, marketplace, monitoring, open-source, resilience, service, software, supply-chain, threat, tool, update, wormadhamu.history-in-sublime-merge (downloaded 4,000 times)ai-driven-dev.ai-driven-dev (downloaded 3,300 times)yasuyuky.transient-emacs (downloaded 2,400 times)All three GlassWorm extensions are “still literally invisible” in code editors, the researchers note. They are encoded in unprintable Unicode characters that look like blank space to the human eye, but execute as JavaScript.The attackers have posted new transactions to the Solana blockchain that outline updated…
-
GlassWorm malware has resurfaced on the Open VSX registry
GlassWorm malware resurfaces in Open VSX and GitHub, infecting VS Code extensions weeks after its removal from the official marketplace. GlassWorm malware has resurfaced on the Open VSX registry and newly appeared in GitHub repositories, infecting three more VS Code extensions just weeks after its removal from the official marketplace, Koi Security researchers warn. In…
-
65% of Leading AI Companies Found With Verified Secrets Leaks
A new study has revealed 65% of top AI firms have leaked sensitive data on GitHub, risking $400bn in assets First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/leading-ai-companies-secret-leaks/
-
Vibe-codierte Ransomware auf Microsoft Marketplace entdeckt
Tags: access, ai, control, github, infrastructure, malware, marketplace, microsoft, ransomware, tool, vulnerabilityForscher haben eine Visual- Studio- Code-Erweiterung mit Ransomware-Funktionen entdeckt.Der Sicherheitsspezialist Secure Annex stellte kürzlich fest, dass eine Schadsoftware namens ‘Ransomvibe” in Erweiterungen für den Quellcode-Editor Visual Studio Code eingebettet wurde. ‘Sobald die Erweiterung aktiviert ist, wird zunächst die Funktion zipUploadAndEcnrypt ausgeführt. Diese Funktion wendet alle für Ransomware und Erpressungssoftware typischen Techniken an”, heißt es im…
-
Vibe-codierte Ransomware auf Microsoft Marketplace entdeckt
Tags: access, ai, control, github, infrastructure, malware, marketplace, microsoft, ransomware, tool, vulnerabilityForscher haben eine Visual- Studio- Code-Erweiterung mit Ransomware-Funktionen entdeckt.Der Sicherheitsspezialist Secure Annex stellte kürzlich fest, dass eine Schadsoftware namens ‘Ransomvibe” in Erweiterungen für den Quellcode-Editor Visual Studio Code eingebettet wurde. ‘Sobald die Erweiterung aktiviert ist, wird zunächst die Funktion zipUploadAndEcnrypt ausgeführt. Diese Funktion wendet alle für Ransomware und Erpressungssoftware typischen Techniken an”, heißt es im…
-
Vibe-codierte Ransomware auf Microsoft Marketplace entdeckt
Tags: access, ai, control, github, infrastructure, malware, marketplace, microsoft, ransomware, tool, vulnerabilityForscher haben eine Visual- Studio- Code-Erweiterung mit Ransomware-Funktionen entdeckt.Der Sicherheitsspezialist Secure Annex stellte kürzlich fest, dass eine Schadsoftware namens ‘Ransomvibe” in Erweiterungen für den Quellcode-Editor Visual Studio Code eingebettet wurde. ‘Sobald die Erweiterung aktiviert ist, wird zunächst die Funktion zipUploadAndEcnrypt ausgeführt. Diese Funktion wendet alle für Ransomware und Erpressungssoftware typischen Techniken an”, heißt es im…
-
Vibe-coded ransomware proof-of-concept ended up on Microsoft’s marketplace
Tags: access, ai, control, credentials, data, data-breach, github, infrastructure, malicious, malware, marketplace, microsoft, ransomware, toolExtension pointed to a GitHub-based C2: Ransomvibe deployed a rather unusual GitHub-based command-and-control (C2) infrastructure, instead of relying on traditional C2 servers. The extension used a private GitHub repository to receive and execute commands. It routinely checked for new commits in a file named “index.html”, executed the embedded commands, and then wrote the output back…
-
Vibe-coded ransomware proof-of-concept ended up on Microsoft’s marketplace
Tags: access, ai, control, credentials, data, data-breach, github, infrastructure, malicious, malware, marketplace, microsoft, ransomware, toolExtension pointed to a GitHub-based C2: Ransomvibe deployed a rather unusual GitHub-based command-and-control (C2) infrastructure, instead of relying on traditional C2 servers. The extension used a private GitHub repository to receive and execute commands. It routinely checked for new commits in a file named “index.html”, executed the embedded commands, and then wrote the output back…
-
Threat Actors Exploit VS Code Extensions for Ransomware via GitHub C2
Tags: attack, control, cyber, espionage, exploit, github, government, group, infrastructure, malware, north-korea, ransomware, threatSecurity researchers have uncovered a sophisticated attack campaign attributed to Kimsuky, the North Korean-backed threat group known for conducting espionage operations against government entities and think tanks. Recent analysis reveals that threat actors are leveraging Visual Studio Code extensions and GitHub as command-and-control infrastructure to deliver multi-stage malware payloads capable of deploying ransomware and conducting…
-
Threat Actors Exploit VS Code Extensions for Ransomware via GitHub C2
Tags: attack, control, cyber, espionage, exploit, github, government, group, infrastructure, malware, north-korea, ransomware, threatSecurity researchers have uncovered a sophisticated attack campaign attributed to Kimsuky, the North Korean-backed threat group known for conducting espionage operations against government entities and think tanks. Recent analysis reveals that threat actors are leveraging Visual Studio Code extensions and GitHub as command-and-control infrastructure to deliver multi-stage malware payloads capable of deploying ransomware and conducting…
-
APT60 Targets Japan: New SpyGlace Malware Uses VHDX LNK and GitHub Tasking for Persistent Espionage
The post APT-C-60 Targets Japan: New SpyGlace Malware Uses VHDX LNK and GitHub Tasking for Persistent Espionage appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/apt-c-60-targets-japan-new-spyglace-malware-uses-vhdx-lnk-and-github-tasking-for-persistent-espionage/
-
Operation PeekBaku: Silent Lynx APT Exploits LNK Flaws to Deploy Reverse Shells via GitHub Against Central Asian Diplomacy
The post Operation Peek-A-Baku: Silent Lynx APT Exploits LNK Flaws to Deploy Reverse Shells via GitHub Against Central Asian Diplomacy appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/operation-peek-a-baku-silent-lynx-apt-exploits-lnk-flaws-to-deploy-reverse-shells-via-github-against-central-asian-diplomacy/
-
Operation PeekBaku: Silent Lynx APT Exploits LNK Flaws to Deploy Reverse Shells via GitHub Against Central Asian Diplomacy
The post Operation Peek-A-Baku: Silent Lynx APT Exploits LNK Flaws to Deploy Reverse Shells via GitHub Against Central Asian Diplomacy appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/operation-peek-a-baku-silent-lynx-apt-exploits-lnk-flaws-to-deploy-reverse-shells-via-github-against-central-asian-diplomacy/
-
Malicious packages in npm evade dependency detection through invisible URL links: Report
Tags: ai, application-security, attack, control, detection, edr, endpoint, exploit, flaw, github, governance, hacker, malicious, malware, microsoft, open-source, programming, service, software, supply-chain, threat, tool, trainingCampaign also exploits AI: The names of packages uploaded to npm aren’t typosquats of common packages, a popular tactic of threat actors. Instead the hackers exploit AI hallucinations. When developers ask AI assistants for package recommendations, the chatbots sometimes suggest plausible-sounding names that are close to those of legitimate packages, but that don’t actually exist.…
-
Open-source AdaptixC2 hacking tool has fans in Russian cybercrime underground
Available on GitHub and promoted to professional penetration testers, the tool AdaptixC2 has been used to spread loader malware associated with Russian ransomware groups, researchers said. First seen on therecord.media Jump to article: therecord.media/open-source-adaptixc2-red-teaming-tool-russian-cybercrime
-
Open-source AdaptixC2 hacking tool has fans in Russian cybercrime underground
Available on GitHub and promoted to professional penetration testers, the tool AdaptixC2 has been used to spread loader malware associated with Russian ransomware groups, researchers said. First seen on therecord.media Jump to article: therecord.media/open-source-adaptixc2-red-teaming-tool-russian-cybercrime