Security News

GitHub fixes maximum severity Enterprise Server auth bypass bug (CVE-2024-4985)
2024-05-23 10:13

A critical, 10-out-of-10 vulnerability allowing unrestricted access to vulnerable GitHub Enterprise Server instances has been fixed by Microsoft-owned GitHub. There is a catch that may narrow down the pool of potential victims: instances are vulnerable to attack only if they use SAML single sign-on authentication AND have the encrypted assertions feature enabled.

GitHub Enterprise Server patches 10-outta-10 critical hole
2024-05-22 07:31

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Critical GitHub Enterprise Server Flaw Allows Authentication Bypass
2024-05-21 16:16

GitHub has rolled out fixes to address a maximum severity flaw in the GitHub Enterprise Server (GHES) that could allow an attacker to bypass authentication protections. Tracked...

GitHub warns of SAML auth bypass flaw in Enterprise Server
2024-05-21 15:01

GitHub has fixed a maximum severity (CVSS v4 score: 10.0) authentication bypass vulnerability tracked as CVE-2024-4986, which impacts GitHub Enterprise Server (GHES) instances using SAML single...

Cyber Criminals Exploit GitHub and FileZilla to Deliver Malware Cocktail
2024-05-20 09:26

A "multi-faceted campaign" has been observed abusing legitimate services like GitHub and FileZilla to deliver an array of stealer malware and banking trojans such as Atomic (aka AMOS), Vidar,...

Using Legitimate GitHub URLs for Malware
2024-04-22 15:26

The attacker is exploiting a property of GitHub: comments to a particular repo can contain files, and those files will be associated with the project in the URL. What this means is that someone can upload malware and "Attach" it to a legitimate and trusted project. As the file's URL contains the name of the repository the comment was created in, and as almost every software company uses GitHub, this flaw can allow threat actors to develop extraordinarily crafty and trustworthy lures.

GitLab affected by GitHub-style CDN flaw allowing malware hosting
2024-04-22 15:05

BleepingComputer recently reported how a GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with Microsoft repositories, making the files appear trustworthy. While most of the malware-associated activity was based around the Microsoft GitHub URLs, this "Flaw" could be abused with any public repository on GitHub or GitLab, allowing threat actors to create very convincing lures.

GitHub comments abused to push malware via Microsoft repo URLs
2024-04-20 14:14

A GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with a Microsoft repository, making the files appear trustworthy. While most of the malware activity has been based around the Microsoft GitHub URLs, this "Flaw" could be abused with any public repository on GitHub, allowing threat actors to create very convincing lures.

Beware: GitHub's Fake Popularity Scam Tricking Developers into Downloading Malware
2024-04-10 12:38

Threat actors are now taking advantage of GitHub's search functionality to trick unsuspecting users looking for popular repositories into downloading spurious counterparts that serve malware. The...

Malicious Visual Studio projects on GitHub push Keyzetsu malware
2024-04-10 11:00

Threat actors are abusing GitHub automation features and malicious Visual Studio projects to push a new variant of the "Keyzetsu" clipboard-hijacking malware and steal cryptocurrency payments. Users downloading files from those repositories become infected with malware hidden within Visual Studio project files and stealthily executed during the project build.