Security News > 2024 > September > Clever 'GitHub Scanner' campaign abusing repos to push malware
2024-09-19 11:07
A clever threat campaign is abusing GitHub repositories to distribute malware targeting users who frequent an open source project repository or are subscribed to email notifications from it. A malicious GitHub user opens a new "issue" on an open source repository falsely claiming that the project contains a "security vulnerability." [...]
News URL
Related news
- GitVenom Malware Steals $456K in Bitcoin Using Fake GitHub Projects to Hijack Wallets (source)
- 200-plus impressively convincing GitHub repos are serving up malware (source)
- Hundreds of GitHub repos served up malware for years (source)
- Microsoft admits GitHub hosted malware that infected almost a million devices (source)
- ⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More (source)
- New Malware Loaders Use Call Stack Spoofing, GitHub C2, and .NET Reactor for Stealth (source)