Tag: github
-
Albabat Ransomware Expands Targets, Abuses GitHub
by
in SecurityNewsNew versions of the Albabat ransomware target Windows, Linux, and macOS, and retrieve configuration files from GitHub. The post Albabat Ransomware Expands Targets, Abuses GitHub appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/albabat-ransomware-expands-targets-abuses-github/
-
Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories’ CI/CD Secrets Exposed
by
in SecurityNewsThe supply chain attack involving the GitHub Action “tj-actions/changed-files” started as a highly-targeted attack against one of Coinbase’s open-source projects, before evolving into something more widespread in scope.”The payload was focused on exploiting the public CI/CD flow of one of their open source projects agentkit, probably with the purpose of leveraging it for further compromises,”…
-
GitHub Supply Chain Breach: Coinbase Attack Exposes 218 Repositories, Leaks CI/CD Secrets
by
in SecurityNewsThe supply chain attack involving the GitHub Action “tj-actions/changed-files” started as a highly-targeted attack against one of Coinbase’s open-source projects, before evolving into something more widespread in scope.”The payload was focused on exploiting the public CI/CD flow of one of their open source projects agentkit, probably with the purpose of leveraging it for further compromises,”…
-
CVE-2025-24813: Apache Tomcat Vulnerable to RCE Attacks
by
in SecurityNewsIntroductionCVE-2025-24813 was originally published on March 10 with a medium severity score of 5.5, and Apache Tomcat released an update to fix it. On March 12, the first attack was detected in Poland by Wallarm researchers, even before a Proof-of-Concept (PoC) was made public. After the PoC was released on March 13 on GitHub and…
-
Coinbase was primary target of recent GitHub Actions breaches
by
in SecurityNewsResearchers have determined that Coinbase was the primary target in a recent GitHub Actions cascading supply chain attack that compromised secrets in hundreds of repositories. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/coinbase-was-primary-target-of-recent-github-actions-breaches/
-
GitHub Action supply chain attack less impactful than thought
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/github-action-supply-chain-attack-less-impactful-than-thought
-
Albabat Ransomware Targets Windows, Linux, and macOS via GitHub Abuse
by
in SecurityNewsRecent research by Trend Micro has uncovered a significant evolution in the Albabat ransomware, which now targets not only Windows but also Linux and macOS systems. This expansion highlights the increasing sophistication of ransomware groups in exploiting multiple operating systems to maximize their impact. The Albabat group has been leveraging GitHub to streamline its operations,…
-
Coinbase originally targeted during GitHub Action supply chain attack
by
in SecurityNewsResearchers from Palo Alto Networks said the hackers likely planned to leverage an open source project of the company for additional attacks. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/coinbase-targeted-github-action-attack/743186/
-
Impact, Root Cause of GitHub Actions Supply Chain Hack Revealed
by
in SecurityNewsMore details have come to light on the recent supply chain attack targeting GitHub Actions, including its root cause. The post Impact, Root Cause of GitHub Actions Supply Chain Hack Revealed appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/impact-root-cause-of-github-actions-supply-chain-hack-revealed/
-
North Korean IT Workers Exploit GitHub to Launch Global Cyberattacks
by
in SecurityNewsA recent investigation by cybersecurity firm Nisos has uncovered a coordinated effort by North Korean IT workers to exploit GitHub for creating fake personas, enabling them to secure remote jobs in Japan and the United States. These individuals, posing as professionals from countries like Vietnam, Japan, and Singapore, primarily target roles in engineering and blockchain…
-
GitHub Action compromise linked to previously undisclosed attack
by
in SecurityNewsResearchers uncovered a March 11 incident that may have led to the larger supply chain attack.;; First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/github-action-compromise-linked-undisclosed-attack/743079/
-
GitHub Action supply chain attack exposed secrets in 218 repos
by
in SecurityNewsThe compromise of GitHub Action tj-actions/changed-files has impacted only a small percentage of the 23,000 projects using it, with it estimated that only 218 repositories exposed secrets due to the supply chain attack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/github-action-supply-chain-attack-exposed-secrets-in-218-repos/
-
CISA Warns of Active Exploitation in GitHub Action Supply Chain Compromise
by
in SecurityNews
Tags: breach, cisa, cve, cybersecurity, exploit, flaw, github, infrastructure, kev, malicious, supply-chain, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a vulnerability linked to the supply chain compromise of the GitHub Action, tj-actions/changed-files, to its Known Exploited Vulnerabilities (KEV) catalog.The high-severity flaw, tracked as CVE-2025-30066 (CVSS score: 8.6), involves the breach of the GitHub Action to inject malicious code that enables a remote First…
-
GitHub Action hack likely led to another in cascading supply chain attack
by
in SecurityNewsA cascading supply chain attack that began with the compromise of the “reviewdog/action-setup@v1” GitHub Action is believed to have led to the recent breach of “tj-actions/changed-files” that leaked CI/CD secrets. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/github-action-hack-likely-led-to-another-in-cascading-supply-chain-attack/
-
Thousands of GitHub repositories’ secrets exposed by supply chain compromise
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/thousands-of-github-repositories-secrets-exposed-by-supply-chain-compromise
-
Second GitHub Actions Supply Chain Attack Discovered
by
in SecurityNewsMalicious Code Injected in reviewdog Just Hours Before tj-actions Backdoored. Just days after researchers discovered an attack that subverted a widely used tool for software development platform GitHub, they discovered a second, prior attack, as part of what one expert said may be a chain of supply chain attacks eventually leading to a specific high-value…
-
New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors
by
in SecurityNewsCybersecurity researchers have disclosed details of a new supply chain attack vector dubbed Rules File Backdoor that affects artificial intelligence (AI)-powered code editors like GitHub Copilot and Cursor, causing them to inject malicious code.”This technique enables hackers to silently compromise AI-generated code by injecting hidden malicious instructions into seemingly innocent First seen on thehackernews.com Jump…
-
GitHub wird immer mehr zu einem digitalen Minenfeld
by
in SecurityNews
Tags: access, authentication, cloud, computer, cyberattack, cyberespionage, cybersecurity, github, malware, mfa, north-korea, password, updateZuerst waren nur einzelne GitHub-Repositories mit Malware infiziert. Mittlerweile geraten auch Entwickler und deren Konten direkt in das Visier von Cyberkriminellen.Die Plattform GitHub sorgt seit geraumer Zeit für negative Schlagzeilen, da ihre Repositories vermehrt mit Malware infiziert sind. Hierdurch versuchen Cyberkriminelle auf Geräte und Daten zuzugreifen.Jetzt wurden diese Aktivitäten auf Entwickler direkt ausgeweitet. Ziel dieser…
-
OAuth Attacks Target Microsoft 365, GitHub
In a cyber twist, attackers behind two of the campaigns are using the apps to redirect users to phishing and malware distribution sites. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/oauth-attacks-target-microsoft-365-github
-
Google acquisition target Wiz links fresh supply chain attack to 23K pwned GitHub repos
by
in SecurityNewsAd giant just confirmed its cloudy arm will embrace security shop in $30B deal First seen on theregister.com Jump to article: www.theregister.com/2025/03/18/wiz_github_supply_chain/
-
GitHub Actions supply chain attack spotlights CI/CD risks
by
in SecurityNewsExperts say a GitHub Actions vulnerability should renew enterprises’ attention to securing build pipelines the same way they secure production environments. First seen on techtarget.com Jump to article: www.techtarget.com/searchitoperations/news/366621078/GitHub-Actions-supply-chain-attack-spotlights-CI-CD-risks
-
GitHub Action tj-actions/changed-files was compromised in supply chain attack
by
in SecurityNewsThe GitHub Action tj-actions/changed-files was compromised, enabling attackers to extract secrets from repositories using the CI/CD workflow. Researchers reported that threat actors compromised the GitHub Action tj-actions/changed-files, allowing the leak of secrets from repositories using the continuous integration and continuous delivery CI/CD workflow. The tj-actions/changed-files GitHub Action is used in over 23,000 repositories, it automates workflows by…
-
GitHub restores code following malicious changes to tj-actions tool
by
in SecurityNewsGitHub was forced to take action this weekend to help users after a threat actor compromised a popular open source package used by more than 23,000 organizations. First seen on therecord.media Jump to article: therecord.media/github-restores-code-malicious-tj-actions-changes
-
Supply Chain Attack Targets 23,000 GitHub Repositories
by
in SecurityNewsA critical security incident has been uncovered involving the popular GitHub Action tj-actions/changed-files, which is used in over 23,000 repositories. The attack involves a malicious modification of the Action’s code, leading to the exposure of CI/CD secrets in GitHub Actions build logs. This vulnerability was detected by StepSecurity’s Harden-Runner, a tool designed to secure CI/CD…
-
Supply chain attack against GitHub Action triggers massive exposure of secrets
by
in SecurityNewsThe incident highlights ongoing security concerns in the software supply chain. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/supply-chain-github-exposure-secrets/742693/
-
Addressing The Growing Challenge of Generic Secrets: Beyond GitHub’s Push Protection
by
in SecurityNewsGeneric secrets are hard to detect and are getting leaked more often. See how GitGuardian offers advanced protection where GitHub’s push protection falls short. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/addressing-the-growing-challenge-of-generic-secrets-beyond-githubs-push-protection/
-
Supply Chain Attack Targets GitHub Repositories and Secrets
by
in SecurityNewsOver 23,000 Code Repositories at Risk After Malicious Code Added to GitHub Action. Attackers subverted a widely used tool for software development environment GitHub, potentially allowing them to steal secrets from thousands of private code repositories as well as compromise other, widely used open source libraries, binaries and artifacts that use the tool, experts warned.…
-
Supply chain attack on popular GitHub Action exposes CI/CD secrets
by
in SecurityNewsA supply chain attack on the widely used ‘tj-actions/changed-files’ GitHub Action, used by 23,000 repositories, potentially allowed threat actors to steal CI/CD secrets from GitHub Actions build logs. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/supply-chain-attack-on-popular-github-action-exposes-ci-cd-secrets/
-
Malicious Code Hits ‘tj-actions/changed-files’ in 23,000 GitHub Repos
by
in SecurityNewsGitHub security alert: Malicious code found in ‘tj-actions/changed-files,’ impacting 23K+ repos. Learn how to check, remove, and protect… First seen on hackread.com Jump to article: hackread.com/malicious-code-in-tj-actions-changed-files-github-repos/