Tag: github
-
North Korean Fake IT Workers Pose as Blockchain Developers on GitHub
in SecurityNews
North Korean fake IT workers are creating personas on GitHub to land blockchain developer jobs at US and Japanese firms. The post North Korean Fake IT Workers Pose as Blockchain Developers on GitHub appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/north-korean-fake-it-workers-pose-as-blockchain-developers-on-github/
-
Beware! Fake CAPTCHA Hidden LummaStealer Threat Installing Silently
in SecurityNews
Cybersecurity researchers at G DATA have uncovered a sophisticated malware campaign utilizing fake booking websites to deliver the LummaStealer malware through deceptive CAPTCHA prompts. This new attack vector, discovered in January 2025, marks a significant shift in LummaStealer’s distribution methods, moving from traditional channels like GitHub and Telegram to malvertising techniques. The infection chain begins…
-
North Korean IT Workers Exploit GitHub to Launch Global Cyber Attacks
in SecurityNews
A network of suspected North Korean IT workers is using GitHub to create and backstop fake personas, aiming to infiltrate companies globally, particularly in Japan and the United States. DPRK-Linked Network Targets Companies in Japan and US Cybersecurity firm Nisos has uncovered this operation, which appears to be part of Pyongyang’s efforts to fund its…
-
North Korean Fake IT Workers Leverage GitHub to Build Jobseeker Personas
in SecurityNews
Nisos has found six personas leveraging new and existing GitHub accounts to get developer jobs in Japan and the US. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/north-korean-fake-it-workers-github/
-
DPRK IT Fraud Network Uses GitHub to Target Global Companies
in SecurityNews
Nisos DPRK IT Fraud Network Uses GitHub to Target Global Companies Nisos is tracking a network of likely North Korean (DPRK)-affiliated IT workers posing as Vietnamese, Japanese, and Singaporean nationals with the goal of obtaining employment in remote engineering… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/dprk-it-fraud-network-uses-github-to-target-global-companies/
-
PoC Released for Windows Hyper-V SYSTEM Privilege Exploit
in SecurityNews
Security researchers have publicly disclosed a proof-of-concept (PoC) exploit for CVE-2025-21333, a critical elevation-of-privilege vulnerability in Microsoft’s Hyper-V virtualization framework. The vulnerability resides in the vkrnlintvsp.sys driver and enables local attackers to gain SYSTEM privileges through a sophisticated heap manipulation technique. Microsoft rated this flaw as Important (7.8 CVSSv3) in its January 2025 advisory. Vulnerability Overview According to a GitHub report, the…
-
Copilot exposes private GitHub pages, some removed by Microsoft
in SecurityNews
Repositories once set to public and later to private, still accessible through Copilot. First seen on arstechnica.com Jump to article: arstechnica.com/information-technology/2025/02/copilot-exposes-private-github-pages-some-removed-by-microsoft/
-
GitVenom campaign targets gamers and crypto investors by posing as fake GitHub projects
in SecurityNews
GitVenom malware campaign targets gamers and crypto investors by posing as open-source projects on GitHub. Kaspersky researchers warn of a malware campaign, dubbed GitVenom, targeting GitHub users. The threat actors behind this campaign created hundreds of fake GitHub repositories with malicious code, disguising them as automation tools, crypto bots, and hacking utilities. The attackers used…
-
GitVenom attacks abuse hundreds of GitHub repos to steal crypto
A malware campaign dubbed GitVenom uses hundreds of GitHub repositories to trick users into downloading info-stealers, remote access trojans (RATs), and clipboard hijackers to steal crypto and credentials. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/gitvenom-attacks-abuse-hundreds-of-github-repos-to-steal-crypto/
-
Hackers Exploit Fake GitHub Repositories to Spread GitVenom Malware
Kaspersky’s Securelist exposes the GitVenom campaign involving fake GitHub repositories to distribute malware. Targeting developers with seemingly legitimate… First seen on hackread.com Jump to article: hackread.com/hackers-exploit-fake-github-repositories-gitvenom-malware/
-
200 Malicious GitHub Repositories Distributing Malware to Developers
A sophisticated malware campaign dubbed GitVenom has infected over 200 GitHub repositories, targeting developers with fake projects masquerading as legitimate tools. The repositories, active for nearly two years, deploy stealers, remote access Trojans (RATs), and clippers to compromise systems and steal sensitive data, including cryptocurrency wallets. According to the Kaspersky report, security researchers estimate the threat actors…
-
GitVenom Malware Steals $456K in Bitcoin Using Fake GitHub Projects to Hijack Wallets
in SecurityNews
Cybersecurity researchers are calling attention to an ongoing campaign that’s targeting gamers and cryptocurrency investors under the guise of open-source projects hosted on GitHub. The campaign, which spans hundreds of repositories, has been dubbed GitVenom by Kaspersky. “The infected projects include an automation instrument for interacting with Instagram accounts, a Telegram bot that enables First seen on…
-
GitVenom Campaign Abuses Thousands of GitHub Repositories to Infect Users
The GitVenom campaign, a sophisticated cyber threat, has been exploiting GitHub repositories to spread malware and steal cryptocurrency. This campaign involves creating hundreds of fake GitHub repositories that appear legitimate but contain malicious code. These repositories are designed to lure unsuspecting developers into downloading and executing the malicious code, which can lead to significant financial…
-
GitVenom Campaign: Malicious GitHub Repositories Target Crypto and Credentials
in SecurityNews
Security researchers at Kaspersky Labs have uncovered a large-scale cybercrime campaign, dubbed GitVenom, that targets GitHub users by First seen on securityonline.info Jump to article: securityonline.info/gitvenom-campaign-malicious-github-repositories-target-crypto-and-credentials/
-
AWS Key Hunter: An Automated Solution for Exposed Key Detection
in SecurityNews
AWS Key Hunter, a cutting-edge automated solution designed to identify exposed AWS keys in GitHub repositories. This powerful tool combines real-time monitoring, advanced scanning capabilities, and a seamless notification system to help developers and organizations protect sensitive cloud credentials from falling into the wrong hands. What is AWS Key Hunter? AWS Key Hunter is an…
-
Check out this free automated tool that hunts for exposed AWS secrets in public repos
in SecurityNews
You can find out if your GitHub codebase is leaking keys … but so can miscreants. First seen on theregister.com Jump to article: www.theregister.com/2025/02/19/automated_tool_scans_public_repos/
-
GPT-4o Copilot Covers More Than 30 Popular Programming Languages
in SecurityNews
GitHub has launched GPT-4o Copilot, a refined code completion model now available to Visual Studio Code users. Built on the GPT-4o mini architecture and trained on over 275,000 high-quality public repositories, the update marks a leap in multi-language support, performance accuracy, and contextual understanding across more than 30 popular programming languages, including Python, JavaScript, Rust, Go, and TypeScript. Expanded Language…
-
North Korea Stealing Cryptocurrency With JavaScript Implant
in SecurityNews
‘Marstech1’ Malware Targets Developers Through GitHub Repository. New North Korean malware is targeting cryptowallets with an unconventional command-and-control infrastructure and through malware embedded into a GitHub repository that’s apparently the account of a Pyongyang hacker. The implant appears to have emerged late last December. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/north-korea-stealing-cryptocurrency-javascript-implant-a-27547
-
New family of data-stealing malware leverages Microsoft Outlook
in SecurityNews
certutil application which handles certificates, to download files. Espionage seems to be the motive, says the report, and there are Windows and Linux versions of the malware. But fortunately the gang “exhibited poor campaign management and inconsistent evasion tactics,” it notes. Nevertheless, CISOs should be watching for signs of attack using this group’s techniques, because their…
-
Implementing a Software Bill of Materials: The Best SBOM Tools
in SecurityNews
Tags: api, business, compliance, container, cyberattack, data, docker, gartner, github, gitlab, healthcare, linux, monitoring, open-source, risk, saas, sbom, service, software, tool, update, vulnerability
Only if you know what is inside can you be sure that everything is above board. That applies to fast food as much as to software. To secure software, you have to know what is in its code. For this reason, a Software Bill of Materials, SBOM, or software parts list is indispensable today. The SolarWinds attack and the Log4j vulnerability…
-
Lazarus Group Deploys Marstech1 JavaScript Implant in Targeted Developer Attacks
in SecurityNews
The North Korean threat actor known as the Lazarus Group has been linked to a previously undocumented JavaScript implant named Marstech1 as part of limited targeted attacks against developers. The active operation has been dubbed Marstech Mayhem by SecurityScorecard, with the malware delivered by means of an open-source repository hosted on GitHub that’s associated with a…
-
Codeberg: Spam and DoS Attacks on Non-Commercial Development Platform
in SecurityNews
Mass spam messages, overflowing e-mail inboxes and clogged internet connections: anonymous attacks are plaguing the non-profit GitHub alternative. First seen on heise.de Jump to article: www.heise.de/news/Codeberg-Spam-und-DoS-Angriffe-auf-nichtkommerzielle-Entwicklungsplattform-10281324.html
-
Cybercriminals Exploit Pyramid Pentesting Tool for Covert C2 Communications
in SecurityNews
Cybersecurity analysts have identified that hackers are leveraging the open-source Pyramid pentesting tool to establish stealthy command-and-control (C2) communications. Originally designed as a post-exploitation framework for penetration testers, Pyramid has become an attractive option for malicious actors due to its ability to evade detection by endpoint security tools. The tool, first released on GitHub in…
-
GitHub Copilot’s New Agent Mode Enables Autonomous Code Completion
in SecurityNews
GitHub has once again raised the bar for productivity in software development with the launch of its revolutionary >>Agent Mode
-
Attackers hide malicious code in Hugging Face AI model Pickle files
in SecurityNews
Tags: ai, data, github, malicious, ml, open-source, programming, remote-code-execution, risk, service, software, threat, tool, vulnerability
Like all repositories of open-source software in recent years, AI model hosting platform Hugging Face has been abused by attackers to upload trojanized projects and assets with the goal of infecting unsuspecting users. The latest technique observed by researchers involves intentionally broken but poisoned Python object serialization files called Pickle files. Often described as the GitHub…
-
Breach Roundup: Hacker Claims 20 Million OpenAI Logins Taken
Also: Researchers Bypass GitHub Copilot’s Protections, Deloitte Pays $5M for Breach. This week: A hacker claims to have 20 million OpenAI logins, Sweden clears ship in Baltic cable damage, researchers find ways to bypass GitHub Copilot’s protections, Netgear patches router flaws, undetectable Mac backdoor raises alarms, Spain nabs hacker, and Deloitte pays $5M for RIBridges…