Security News > 2025 > February > GitVenom attacks abuse hundreds of GitHub repos to steal crypto

2025-02-25 19:45
A malware campaign dubbed GitVenom uses hundreds of GitHub repositories to trick users into downloading info-stealers, remote access trojans (RATs), and clipboard hijackers to steal crypto and credentials. [...]
News URL
Related news
- North Korea targets crypto developers via NPM supply chain attack (source)
- Bybit Confirms Record-Breaking $1.5 Billion Crypto Heist in Sophisticated Cold Wallet Attack (source)
- Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks (source)
- GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks (source)
- GitHub supply chain attack spills secrets from 23,000 projects (source)
- Supply chain attack on popular GitHub Action exposes CI/CD secrets (source)
- Google acquisition target Wiz links fresh supply chain attack to 23K pwned GitHub repos (source)
- GitHub Action hack likely led to another in cascading supply chain attack (source)
- GitHub Action supply chain attack exposed secrets in 218 repos (source)
- Critical GitHub Attack (source)