Tag: github
-
Addressing The Growing Challenge of Generic Secrets: Beyond GitHub’s Push Protection
by
in SecurityNewsGeneric secrets are hard to detect and are getting leaked more often. See how GitGuardian offers advanced protection where GitHub’s push protection falls short. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/addressing-the-growing-challenge-of-generic-secrets-beyond-githubs-push-protection/
-
Supply Chain Attack Targets GitHub Repositories and Secrets
by
in SecurityNewsOver 23,000 Code Repositories at Risk After Malicious Code Added to GitHub Action. Attackers subverted a widely used tool for software development environment GitHub, potentially allowing them to steal secrets from thousands of private code repositories as well as compromise other, widely used open source libraries, binaries and artifacts that use the tool, experts warned.…
-
Supply chain attack on popular GitHub Action exposes CI/CD secrets
by
in SecurityNewsA supply chain attack on the widely used ‘tj-actions/changed-files’ GitHub Action, used by 23,000 repositories, potentially allowed threat actors to steal CI/CD secrets from GitHub Actions build logs. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/supply-chain-attack-on-popular-github-action-exposes-ci-cd-secrets/
-
Malicious Code Hits ‘tj-actions/changed-files’ in 23,000 GitHub Repos
by
in SecurityNewsGitHub security alert: Malicious code found in ‘tj-actions/changed-files,’ impacting 23K+ repos. Learn how to check, remove, and protect… First seen on hackread.com Jump to article: hackread.com/malicious-code-in-tj-actions-changed-files-github-repos/
-
GitHub accounts targeted with fake security alerts
by
in SecurityNewsPossible DPRK links: Luc4m’s X post hinted at possible nation-state connections, adding, “Smells #DPRK?” While nothing else was said on the X thread, North Korea is known for using click-fix attacks for its cyber espionage activities, with Contagious Interviews being a prominent one of those campaigns.All GitHub fake alerts included the same login information, location:…
-
Attackers attempted hijacking 12,000 GitHub accounts with click-fix alerts
by
in SecurityNewsPossible DPRK links: Luc4m’s X post hinted at possible nation-state connections, adding, “Smells #DPRK?” While nothing else was said on the X thread, North Korea is known for using click-fix attacks for its cyber espionage activities, with Contagious Interviews being a prominent one of those campaigns.All GitHub fake alerts included the same login information, location:…
-
GitHub supply chain attack spills secrets from 23,000 projects
by
in SecurityNewsLarge organizations among those cleaning up the mess First seen on theregister.com Jump to article: www.theregister.com/2025/03/17/supply_chain_attack_github/
-
GitHub project maintainers targeted with fake security alert
by
in SecurityNewsA phishing campaign targeting GitHub account owners has been trying to scare them with a fake security alert into allowing a malicious OAuth app access to their account and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/03/17/github-project-maintainers-targeted-with-fake-security-alert/
-
Popular GitHub Action Targeted in Supply Chain Attack
by
in SecurityNewsThe tj-actions/changed-files GitHub Action, which is used in 23,000 repositories, has been targeted in a supply chain attack. The post Popular GitHub Action Targeted in Supply Chain Attack appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/popular-github-action-targeted-in-supply-chain-attack/
-
GitHub Action Compromise Puts CI/CD Secrets at Risk in Over 23,000 Repositories
by
in SecurityNewsCybersecurity researchers are calling attention to an incident in which the popular GitHub Action tj-actions/changed-files was compromised to leak secrets from repositories using the continuous integration and continuous delivery (CI/CD) workflow.The incident involved the tj-actions/changed-files GitHub Action, which is used in over 23,000 repositories. It’s used to track and retrieve all First seen on thehackernews.com…
-
Fake “Security Alert” issues on GitHub use OAuth app to hijack accounts
by
in SecurityNewsA widespread phishing campaign has targeted nearly 12,000 GitHub repositories with fake “Security Alert” issues, tricking developers into authorizing a malicious OAuth app that grants attackers full control over their accounts and code. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fake-security-alert-issues-on-github-use-oauth-app-to-hijack-accounts/
-
More than 23.7 Million Hardcoded Secrets Publicly Exposed In GitHub Last Year
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/more-than-23-7-million-hardcoded-secrets-publicly-exposed-in-github-last-year
-
Fast 1 Million Geschäfts- und Privat-PCs kompromittiert
by
in SecurityNews
Tags: ciso, control, cyersecurity, github, mail, malware, microsoft, powershell, ransomware, softwareEin Bericht von Microsoft zeigt, wie wichtig es für CISOs ist, das Sicherheitsbewusstsein ihrer Mitarbeiter zu schulen.Malware ist und bleibt ein massives Problem, welches CISOs zunehmend Kopfzerbrechen bereitet. Insbesondere wenn Mitarbeitende durch unvorsichtiges Online-Surfen ihre Geräte und ganze IT-Netzwerke mit Schadsoftware infizieren. Sind Systeme kompromittiert, kann das schwerwiegende Konsequenzen wie Ransomware-Attacken nach sich ziehen. Zu…
-
Tens of millions of secrets publicly exposed in GitHub last year
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/tens-of-millions-of-secrets-publicly-exposed-in-github-last-year
-
GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks
by
in SecurityNewsTwo high-severity security flaws have been disclosed in the open-source ruby-saml library that could allow malicious actors to bypass Security Assertion Markup Language (SAML) authentication protections.SAML is an XML-based markup language and open-standard used for exchanging authentication and authorization data between parties, enabling features like single sign-on (SSO), which allows First seen on thehackernews.com Jump…
-
Tenda AC7 Vulnerability Lets Hackers Execute Malicious Payloads for Root Access
by
in SecurityNewsA vulnerability has been discovered in the Tenda AC7 router, firmware version V15.03.06.44, which allows attackers to execute malicious payloads and gain root access. As per a report in Github, the vulnerability, identified through experimental setup and exploitation, revolves around a stack overflow issue in the formSetFirewallCfg function. This exploit is significant, as it not only enables…
-
Lazarus Group deceives developers with 6 new malicious npm packages
Socket researchers said the malware-ridden packages were collectively downloaded over 330 times. GitHub removed all of the malicious packages Wednesday. First seen on cyberscoop.com Jump to article: cyberscoop.com/lazarus-group-north-korea-malicious-npm-packages-socket/
-
News alert: GitGuardian discloses 70% of leaked secrets remain active 2 years, remediation urgent
by
in SecurityNewsBoston, Mass., Mar. 11, 2025, CyberNewswire, GitGuardian, the security leader behind GitHub’s most installed application, today released its comprehensive “2025 State of Secrets Sprawl Report,” revealing a widespread and persistent security crisis that threatens organizations of all sizes.”¦ (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/news-alert-gitguardian-discloses-70-of-leaked-secrets-remain-active-2-years-remediation-urgent/
-
Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks
by
in SecurityNewsThe threat actor known as Blind Eagle has been linked to a series of ongoing campaigns targeting Colombian institutions and government entities since November 2024.”The monitored campaigns targeted Colombian judicial institutions and other government or private organizations, with high infection rates,” Check Point said in a new analysis.”More than 1,600 victims were affected during one…
-
AI-Generated Fake GitHub Repositories Steal Login Credentials
by
in SecurityNews
Tags: ai, credentials, cyber, cybercrime, cybersecurity, exploit, github, login, malicious, malware, tactics, threatA concerning cybersecurity threat has emerged with the discovery of AI-generated fake GitHub repositories designed to distribute malware, including the notorious SmartLoader and Lumma Stealer. These malicious repositories, crafted to appear legitimate, exploit GitHub’s trusted reputation to deceive users into downloading ZIP files containing malicious code. The campaign highlights the evolving tactics cybercriminals employ to…
-
Blind Eagle Hackers Exploit Google Drive, Dropbox GitHub to Evade Security Measures
by
in SecurityNewsIn a recent cyber campaign, the notorious threat actor group Blind Eagle, also known as APT-C-36, has been leveraging trusted cloud platforms like Google Drive, Dropbox, GitHub, and Bitbucket to distribute malware and evade traditional security defenses. This sophisticated approach allows them to bypass detection by disguising malicious files as harmless ones hosted on these…
-
Apache Camel RCE Vulnerability PoC Exploit Released in GitHub
by
in SecurityNewsA Proof of Concept (PoC) exploit for the Apache Camel vulnerability CVE-2025-27636 has been released on GitHub. This vulnerability affects Apache Camel versions 4.10.0-4.10.1, 4.8.0-4.8.4, and 3.10.0-3.22.3, allowing attackers to inject arbitrary headers and potentially execute internal Camel methods, including Remote Code Execution (RCE) via the Camel Exec component. Vulnerability Details The vulnerability arises from…
-
GitGuardian Is Now The Overall Most Installed GitHub Marketplace App
by
in SecurityNewsWe are thrilled to announce that the GitGuardian App has become the most installed application on GitHub’s Marketplace. We are proud to have passed this milestone, with over 418K developers and organizations trusting GitGuardian to detect secrets in their shared repositories. GitGuardian is now protecting over 12.7M First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/gitguardian-is-now-the-overall-most-installed-github-marketplace-app/
-
GitHub-Hosted Malware Infects 1M Windows Users
Microsoft has identified a complex, malvertising-based attack chain that delivered Lumma and other infostealers to enterprise and consumer PC users; the campaign is unlikely the last of its kind. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/github-hosted-malware-1m-windows-users
-
Massive Malvertising Campaign Infects a Million Devices
by
in SecurityNewsA massive malvertising campaign that targeted individuals watching pirated videos on illegal streaming sites redirected them several times before landing them at GitHub repositories that hosted infostealers and other malware, according to Microsoft First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/microsoft-massive-malvertising-campaign-infects-a-million-devices/
-
WinDbg Vulnerability Allows Attackers to Execute Remote Code
by
in SecurityNewsMicrosoft recently disclosed a critical vulnerability impacting its debugging tool, WinDbg, and associated .NET packages. Tracked CVE-2025-24043, this flaw allows remote code execution (RCE) due to improper cryptographic signature verification in the SOS debugging extension. According to Github’s Post, Developers using affected versions of specific NuGet packages within .NET Core projects are urged to update…
-
Malvertising op targets almost 1M devices via malicious GitHub repos
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/news/malvertising-campaign-uses-malicious-github-repos-to-target-nearly-1-million-devices
-
Microsoft Warns: 1 Million Devices Infected by Malware from GitHub
In a recent alert, Microsoft revealed a large-scale malvertising campaign that has compromised nearly one million devices worldwide. This campaign, which began in early December 2024, leverages malicious redirects from illegal streaming websites to deliver malware hosted on platforms like GitHub. The attack is notable for its indiscriminate targeting, affecting both consumer and enterprise devices…
-
Microsoft Dismantles Malvertising Scam Using GitHub, Discord, Dropbox
by
in SecurityNewsMicrosoft Threat Intelligence exposes a malvertising campaign exploiting GitHub, Discord, and Dropbox. Discover the multi-stage attack chain, the… First seen on hackread.com Jump to article: hackread.com/microsoft-dismantle-malvertising-github-discord-dropbox/
-
GitHub Explains How Security Professionals Can Use Copilot for Log Analysis
by
in SecurityNewsGitHub Copilot, once a developer-centric tool, is now revolutionizing workflows across technical and non-technical roles. With features like Agent Mode, CLI integration, and Project Padawan, Copilot is emerging as a universal productivity enhancer. This article explores three key developments reshaping collaboration in 2025. 1. From Pair Programmer to Cross-Functional Assistant GitHub Copilot now extends beyond…