Security News

Securing GitHub Actions for a safer DevOps pipeline
2023-10-02 04:30

Misconception #1: GitHub Actions security only means using SCA, SAST tools in CI/CD. When people think about GitHub Actions security, their first thought is about adding security tools, like SCA and SAST tools, in the CI/CD pipeline. GitHub Actions security also extends to securing the CI/CD servers on which GitHub Actions run.

GitHub Repositories Hit by Password-Stealing Commits Disguised as Dependabot Contributions
2023-09-28 17:22

A new malicious campaign has been observed hijacking GitHub accounts and committing malicious code disguised as Dependabot contributions with an aim to steal passwords from developers. "The...

GitHub repos bombarded by info-stealing commits masked as Dependabot
2023-09-27 12:00

Hackers are breaching GitHub accounts and inserting malicious code disguised as Dependabot contributions to steal authentication secrets and passwords from developers. The campaign unfolded in July 2023, when researchers discovered unusual commits on hundreds of public and private repositories forged to appear as Dependabot commits.

GitHub passkeys generally available for passwordless sign-ins
2023-09-21 18:59

GitHub has made passkeys generally available across the platform today to secure accounts against phishing and allow passwordless logins for all users. Passkeys are linked to specific devices, such as computers, tablets, or smartphones, and have a crucial role in reducing the risk of data breaches by providing protection against phishing attacks and blocking unauthorized access attempts.

Beware: Fake Exploit for WinRAR Vulnerability on GitHub Infects Users with Venom RAT
2023-09-21 05:03

A malicious actor released a fake proof-of-concept (PoC) exploit for a recently disclosed WinRAR vulnerability on GitHub with an aim to infect users who downloaded the code with Venom RAT malware....

Microsoft worker accidentally exposes 38TB of sensitive data in GitHub blunder
2023-09-18 18:03

A Microsoft employee accidentally exposed 38 terabytes of private data while publishing a bucket of open-source AI training data on GitHub, according to Wiz security researchers who spotted the leaky account and reported it to the Windows giant.This is despite Wiz claiming the leaky data bucket had private keys, passwords, and over 30,000 internal Microsoft Teams messages, as well as backup data from two employees' workstations.

Critical GitHub Vulnerability Exposes 4,000+ Repositories to Repojacking Attack
2023-09-12 11:32

A new vulnerability disclosed in GitHub could have exposed thousands of repositories at risk of repojacking attacks, new findings show. The flaw "Could allow an attacker to exploit a race condition within GitHub's repository creation and username renaming operations," Checkmarx security researcher Elad Rapoport said in a technical report shared with The Hacker News.

North Korean hackers targeted tech companies through JumpCloud and GitHub
2023-07-21 12:48

North Korean state-sponsored hackers have been linked to two recent cyberattack campaigns: one involving a spear-phishing attack on JumpCloud and the other targeting tech employees on GitHub through a social engineering campaign. "Fewer than 5 JumpCloud customers were impacted and fewer than 10 devices total were impacted, out of more than 200,000 organizations who rely on the JumpCloud platform for a variety of identity, access, security, and management functions,".

GitHub warns of Lazarus hackers targeting devs with malicious projects
2023-07-20 22:48

GitHub is warning of a social engineering campaign targeting the accounts of developers in the blockchain, cryptocurrency, online gambling, and cybersecurity sectors to infect their devices with malware. In a new security alert, GitHub warns that the Lazarus Group is compromising legitimate accounts or creating fake personas that pretend to be developers and recruiters on GitHub and social media.

Source code for BlackLotus Windows UEFI malware leaked on GitHub
2023-07-13 15:14

The source code for the BlackLotus UEFI bootkit has leaked online, allowing greater insight into a malware that has caused great concern among the enterprise, governments, and the cybersecurity community. BlackLotus is a Windows-targeting UEFI bootkit that bypasses Secure Boot on fully patched Windows 11 installs, evades security software, persists on an infected system, and executes payloads with the highest level of privileges in the operating system.