Security News

Using Legitimate GitHub URLs for Malware
2024-04-22 15:26

The attacker is exploiting a property of GitHub: comments to a particular repo can contain files, and those files will be associated with the project in the URL. What this means is that someone can upload malware and "Attach" it to a legitimate and trusted project. As the file's URL contains the name of the repository the comment was created in, and as almost every software company uses GitHub, this flaw can allow threat actors to develop extraordinarily crafty and trustworthy lures.

GitLab affected by GitHub-style CDN flaw allowing malware hosting
2024-04-22 15:05

BleepingComputer recently reported how a GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with Microsoft repositories, making the files appear trustworthy. While most of the malware-associated activity was based around the Microsoft GitHub URLs, this "Flaw" could be abused with any public repository on GitHub or GitLab, allowing threat actors to create very convincing lures.

GitHub comments abused to push malware via Microsoft repo URLs
2024-04-20 14:14

A GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with a Microsoft repository, making the files appear trustworthy. While most of the malware activity has been based around the Microsoft GitHub URLs, this "Flaw" could be abused with any public repository on GitHub, allowing threat actors to create very convincing lures.

Beware: GitHub's Fake Popularity Scam Tricking Developers into Downloading Malware
2024-04-10 12:38

Threat actors are now taking advantage of GitHub's search functionality to trick unsuspecting users looking for popular repositories into downloading spurious counterparts that serve malware. The...

Malicious Visual Studio projects on GitHub push Keyzetsu malware
2024-04-10 11:00

Threat actors are abusing GitHub automation features and malicious Visual Studio projects to push a new variant of the "Keyzetsu" clipboard-hijacking malware and steal cryptocurrency payments. Users downloading files from those repositories become infected with malware hidden within Visual Studio project files and stealthily executed during the project build.

Acuity confirms hackers stole non-sensitive govt data from GitHub repos
2024-04-05 15:32

Acuity, a federal contractor that works with U.S. government agencies, has confirmed that hackers breached its GitHub repositories and stole documents containing old and non-sensitive data. Acuity is a tech consulting firm with almost 400 employees and a $100+ million annual revenue that provides DevSecOps, cyber security, data analytics, and operations support services to federal civilian national security customers.

Hackers Hijack GitHub Accounts in Supply Chain Attack Affecting Top-gg and Others
2024-03-25 11:58

Unidentified adversaries orchestrated a sophisticated attack campaign that has impacted several individual developers as well as the GitHub organization account associated with Top.gg, a Discord...

GitHub Launches AI-Powered Autofix Tool to Assist Devs in Patching Security Flaws
2024-03-21 10:30

GitHub on Wednesday announced that it's making available a feature called code scanning autofix in public beta for all Advanced Security customers to provide targeted recommendations in an effort...

GitHub’s new AI-powered tool auto-fixes vulnerabilities in your code
2024-03-20 18:52

GitHub introduced a new AI-powered feature capable of speeding up vulnerability fixes while coding. Known as Code Scanning Autofix and powered by GitHub Copilot and CodeQL, it helps deal with over 90% of alert types in JavaScript, Typescript, Java, and Python.

Hackers Using Cracked Software on GitHub to Spread RisePro Info Stealer
2024-03-16 12:31

Cybersecurity researchers have found a number of GitHub repositories offering cracked software that are used to deliver an information stealer called RisePro. The campaign, codenamed gitgub,...