Security News

Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks
2025-03-11 14:35

The threat actor known as Blind Eagle has been linked to a series of ongoing campaigns targeting Colombian institutions and government entities since November 2024. "The monitored campaigns...

Microsoft admits GitHub hosted malware that infected almost a million devices
2025-03-10 01:56

Also, phone cleaner apps are a data-sucking scam, Singapore considering the literal rod for scammers, and more Infosec in Brief Microsoft has spotted a malvertising campaign that downloaded...

Hundreds of GitHub repos served up malware for years
2025-02-26 11:13

Kaspersky researchers have unearthed an extensive and long-running malware delivery campaign that exploited users’ propensity for downloading code from GitHub and using it without first verifying...

200-plus impressively convincing GitHub repos are serving up malware
2025-02-26 07:35

Plus: DOGE staff quit; LastPass PC, Mac gasp; and CISA warns Oracle and Adobe flaws under attack Infosec bytes Kaspersky says it has found more than 200 GitHub repos hosting fairly...

GitVenom attacks abuse hundreds of GitHub repos to steal crypto
2025-02-25 19:45

A malware campaign dubbed GitVenom uses hundreds of GitHub repositories to trick users into downloading info-stealers, remote access trojans (RATs), and clipboard hijackers to steal crypto and...

GitVenom Malware Steals $456K in Bitcoin Using Fake GitHub Projects to Hijack Wallets
2025-02-25 10:13

Cybersecurity researchers are calling attention to an ongoing campaign that's targeting gamers and cryptocurrency investors under the guise of open-source projects hosted on GitHub. The campaign,...

Major GitHub outage affects pull requests and other services
2025-01-30 15:06

​GitHub is mitigating an ongoing incident causing problems with multiple services, including performing pull requests, creating or viewing issues, and even viewing repositories and commits. [...]

GitHub Desktop Vulnerability Risks Credential Leaks via Malicious Remote URLs
2025-01-27 14:17

Multiple security vulnerabilities have been disclosed in GitHub Desktop as well as other Git-related projects that, if successfully exploited, could permit an attacker to gain unauthorized access...

GitHub CISO on security strategy and collaborating with the open-source community
2025-01-13 05:00

In this Help Net Security, Alexis Wales, CISO at GitHub, discusses how GitHub embeds security into every aspect of its platform to protect millions of developers and repositories, ensuring it...

Fake LDAPNightmware exploit on GitHub spreads infostealer malware
2025-01-11 15:21

A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 (aka "LDAPNightmare") on GitHub infects users with infostealer malware that exfiltrates sensitive data to an external FTP server. [...]