Security News > 2024 > August > GitHub comments abused to push password stealing malware masked as fixes

GitHub comments abused to push password stealing malware masked as fixes

2024-08-31 15:21

GitHub is being abused to distribute the Lumma Stealer information-stealing malware as fake fixes posted in project comments. [...]

News URL

https://www.bleepingcomputer.com/news/security/github-comments-abused-to-push-password-stealing-malware-masked-as-fixes/

#github #malware

Related news

Clever 'GitHub Scanner' campaign abusing repos to push malware (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Github		12	2	40	30	14	86

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.