Tag: github
-
Hackers Compromise Laravel-Lang Packages via 700 GitHub Repos
A sophisticated and active supply chain attack has struck the Laravel-Lang open-source organization, compromising over 700 historical package versions across four widely used PHP localization repositories. The attack, detected on May 22, 2026, and reported by both Aikido Security and the Socket Research Team, introduces a fully functional remote code execution (RCE) backdoor that executes automatically via Composer’s…
-
Senator urges classified briefing after CISA data leak on GitHub
First seen on scworld.com Jump to article: www.scworld.com/news/senator-urges-classified-briefing-after-cisa-data-leak-on-github
-
CISA contractor’s public GitHub repo exposed sensitive government credentials
First seen on scworld.com Jump to article: www.scworld.com/brief/cisa-contractors-public-github-repo-exposed-sensitive-government-credentials
-
GitHub Actions workflow compromised to steal CI/CD credentials
First seen on scworld.com Jump to article: www.scworld.com/brief/github-actions-workflow-compromised-to-steal-ci-cd-credentials
-
5,561 GitHub Repositories Hit by Megalodon Supply Chain Attack in Six Hours
SafeDep uncovered the Megalodon attack targeting 5,561 GitHub repositories with malicious CI workflows and cloud credential theft. First seen on hackread.com Jump to article: hackread.com/github-repositories-megalodon-supply-chain-attack/
-
Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows
Cybersecurity researchers have disclosed details of a new automated campaign called Megalodon that has pushed 5,718 malicious commits to 5,561 GitHub repositories within a six-hour window.”Using throwaway accounts and forged author identities (build-bot, auto-ci, ci-bot, pipeline-bot), the attacker injected GitHub Actions workflows containing base64-encoded bash payloads that exfiltrate CI First seen on thehackernews.com Jump to…
-
Automatisierter Angriff: Stille Backdoor in Tausende Github-Repos eingeschleust
Angreifer haben es auf Github-Repositorys abgesehen. Innerhalb von etwa sechs Stunden wurden über 5.500 Repos mit einer Backdoor ausgestattet. First seen on golem.de Jump to article: www.golem.de/news/automatisierter-angriff-stille-backdoor-in-tausende-github-repos-eingeschleust-2605-208971.html
-
A hacker group is poisoning open source code at an unprecedented scale
GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks. First seen on arstechnica.com Jump to article: arstechnica.com/information-technology/2026/05/a-hacker-group-is-poisoning-open-source-code-at-an-unprecedented-scale/
-
Megalodon Malware Rapidly Infects Over 5,500 GitHub Repositories
A newly identified malware campaign dubbed “Megalodon” has compromised more than 5,500 GitHub repositories, raising serious concerns about the security of open-source ecosystems. Security researchers from SafeDep report that the malware spreads through malicious code injections hidden inside seemingly legitimate projects, targeting developers who unknowingly download and execute infected files. Megalodon Malware Infects Github Repo…
-
GitHub Breach Traced to Malicious ‘Nx Console’ VS Code Extension
A threat actor compromised an Nx developer and posed as a legitimate maintainer to publish a malicious extension on Visual Studio Marketplace First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/github-breach-nx-console-vs-code/
-
Grafana Labs links GitHub environment breach to TanStack npm supply chain attack
The company behind the widely used observability platform refused an extortion demand and has since taken steps to harden its security. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/grafana-labs-github-environment-breach-tanstack-npm-supply-chain/820866/
-
GitHub, Grafana Labs breaches traced back to TanStack supply chain compromise
GitHub CISO Alexis Wales has named the malicious VS Code extension behind the breach they suffered at the hands of the threat group TeamPCP: Nx Console, a popular developer … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/21/github-grafana-breach-root-cause-nx-console/
-
A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale
GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations. First seen on wired.com Jump to article: www.wired.com/story/teampcp-software-supply-chain-attack-spree-github/
-
GitHub links repo breach to TanStack npm supply-chain attack
GitHub says the hackers who breached 3,800 internal repositories gained access via a malicious version of the Nx Console VS Code extension, compromised in last week’s TanStack npm supply-chain attack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/github-links-repo-breach-to-tanstack-npm-supply-chain-attack/
-
GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
GitHub on Wednesday officially confirmed that the breach of its internal repositories was the result of a compromise of an employee device involving a poisoned version of the Nx Console Microsoft Visual Studio Code (VS Code) extension. The development comes as the Nx team revealed that the extension, nrwl.angular-console, was breached after one of its…
-
GitHub Hacked, Internal Repositories Offered for Sale
A Single Developer Downloaded a Poisoned VS Code Extension, and Now Look. GitHub warned late Tuesday that hackers stole roughly 3,800 internal repositories from the Microsoft-owned platform after a developer used a poisoned VS Code script, which is developed by Microsoft. TeamPCP and Lapsus$ appear to be cooperating to sell the stolen data for $95,000.…
-
GitHub Confirms Breach, 4K Internal Repos Stolen
Open source software giant GitHub confirmed a data breach this week involving the theft of thousands of repos. One threat actor, TeamPCP, took credit. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/github-confirms-breach-4k-internal-repos-stolen
-
CISA Contractor Exposed Sensitive Credentials in Public GitHub Repository
CISA is investigating after a contractor’s public GitHub repository exposed AWS GovCloud credentials, internal files, and passwords. The post CISA Contractor Exposed Sensitive Credentials in Public GitHub Repository appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-cisa-contractor-github-credential-leak/
-
Grafana breach caused by missed token rotation after TanStack attack
The Grafana data breach was caused by a single GitHub workflow token that slipped through the rotation process following the TanStack npm supply-chain attack last week. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/grafana-breach-caused-by-missed-token-rotation-after-tanstack-attack/
-
GitHub says internal repositories were impacted in poisoned VS Code extension attack
GitHub said late Tuesday that internal repositories were exfiltrated after an employee device was compromised through a poisoned Visual Studio Code extension, an incident that underscores the growing risks facing software development platforms and the ecosystems built around third-party developer tools. The Microsoft-owned company said in posts on X that it detected and contained the…
-
Compromised coding tool helped hackers breach thousands of GitHub repositories
The attack is the latest example of hackers’ intense focus on open-source packages. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/github-hacked-repository-data/820722/
-
GitHub Breach: TeamPCP Steals 3,800 Repositories via VS Code Extension
GitHub Breach: TeamPCP stole 3,800 internal repositories through a malicious VS Code extension and is now selling the data online for $95,000. First seen on hackread.com Jump to article: hackread.com/github-breach-teampcp-repositories-vs-code-extension/
-
GitHub says hackers stole data from thousands of internal repositories
The code hosting giant GitHub said it was investigating a breach, but said there was no evidence of customer data theft. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/20/github-says-hackers-stole-data-from-thousands-of-internal-repositories/
-
Senator presses CISA for answers about alleged GitHub repository leak
U.S. Senator Maggie Hassan (D-NH) sent a letter to the acting director of the Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday demanding answers about an alleged breach uncovered by cybersecurity reporter Brian Krebs involving government contractor Nightwing. First seen on therecord.media Jump to article: therecord.media/hassan-presses-cisa-github-leak
-
GitHub confirms being hacked by TeamPCP, says customer data unaffected
Github, which hosts code for more than 100 million developers worldwide, confirmed the breach on social media after TeamPCP advertised stolen source code on a cybercrime forum. First seen on therecord.media Jump to article: therecord.media/github-confirms-teampcp-hack-customers-unaffected
-
TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension
Following TeamPCP’s claim that they’ve breached GitHub’s own private code repositories, the Microsoft-owned company launched an investigation and confirmed … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/20/github-breached-teampcp/
-
GitHub Confirms Breach of Internal Repositories Via Malicious VS Code Extension
The prolific threat group TeamPCP has claimed a hack into GitHub’s internal repositories First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/github-confirms-breach-vs-code/