Tag: github
-
FYI: Data from deleted GitHub repos may not actually be deleted
by
in SecurityNewsFirst seen on theregister.com Jump to article: www.theregister.com/2024/07/25/data_from_deleted_github_repos/
-
GitHub Makes Copilot Autofix Generally Available
by
in SecurityNewsGitHub has made AI-powered Copilot Autofix generally available to help developers fix code vulnerabilities faster. The post GitHub Makes Copilot Autof… First seen on securityweek.com Jump to article: www.securityweek.com/github-makes-copilot-autofix-generally-available/
-
35% of exposed API keys still active, posing major security risks
by
in SecurityNewsNightfall AI’s research revealed that secrets like passwords and API keys were most often found in GitHub, with nearly 350 total secrets exposed per 1… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/08/13/api-keys-secrets/
-
Fake Google Authenticator Used To Deliver Malware On GitHub
by
in SecurityNewsFirst seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36173/Fake-Google-Authenticator-Used-To-Deliver-Malware-On-GitHub.html
-
A Hacker ‘Ghost’ Network Is Quietly Spreading Malware on GitHub
by
in SecurityNewsCybersecurity researchers have spotted a 3,000-account network on GitHub that is manipulating the platform and spreading ransomware and info stealers…. First seen on wired.com Jump to article: www.wired.com/story/github-malware-spreading-network-stargazer-goblin/
-
Check Point entdeckt Malware-Netzwerk auf GitHub und YouTube – Stargazers Ghost Network verteilt Malware über GitHub
by
in SecurityNewsFirst seen on security-insider.de Jump to article: www.security-insider.de/entdeckung-stargazers-ghost-network-malware-kampagne-github-a-89cbb9a364b2cf1fad46ce612fd856c3/
-
Number of incidents affecting GitHub, Bitbucket, GitLab, and Jira continues to rise
by
in SecurityNewsOutages, human errors, cyberattacks, data breaches, ransomware, security vulnerabilities, and, as a result, data loss are the reality that DevSecOps t… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/08/07/github-bitbucket-gitlab-jira-incidents/
-
Malware-Netzwerk auf Github entdeckt
Check Point Software Technologies hat eine ausgeklügelte Hacker-Kampagne entdeckt. Diese als Stargazers-Ghost-Network benannte Operation verteilt Malw… First seen on netzpalaver.de Jump to article: netzpalaver.de/2024/07/29/malware-netzwerk-auf-github-entdeckt/
-
Warum private und gelöschte GitHub-Quellcodes öffentlich einsehbar bleiben und wie ihr euch schützt
by
in SecurityNews
Tags: githubFirst seen on t3n.de Jump to article: t3n.de/news/private-und-geloeschte-github-quellcodes-einsehbar-1637446/
-
‘Stargazer Goblin’ Amasses Rogue GitHub Accounts to Spread Malware
The threat group uses its Stargazers Ghost Network to star, fork, and watch malicious repos to make them seem legitimate, all to distribute a variety … First seen on darkreading.com Jump to article: www.darkreading.com/application-security/stargazer-goblin-amasses-rogue-github-accounts-to-spread-malware
-
3,000 Fake GitHub Accounts Used to Spread Malware in Stargazers Ghost Scheme
by
in SecurityNewsFirst seen on hackread.com Jump to article: hackread.com/fake-github-accounts-spread-malware-stargazers-ghost/
-
GitHub Network Fuels Malware Distribution Operation
Threat Actors Profit from GitHub’s Inauthentic Accounts Network. Hackers apparently stymied by improved network detection of malware are turning to fa… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/github-network-fuels-malware-distribution-operation-a-25877
-
Researchers Claim Anyone Can Access Deleted, Private GitHub Repository Data
by
in SecurityNewsFirst seen on hackread.com Jump to article: hackread.com/anyone-access-deleted-private-github-repository-data/
-
Inside the Operations of Stargazer Goblin: Unveiling the Malicious Repositories
by
in SecurityNewsCheck Point has uncovered a network of 3,000 fake accounts on GitHub, actively disseminating malicious programs and phishing links. The activities beg… First seen on securityonline.info Jump to article: securityonline.info/inside-the-operations-of-stargazer-goblin-unveiling-the-malicious-repositories/
-
Malware-Verteilung über GitHub: Geister-Account-Netzwerk entdeckt
by
in SecurityNewsFirst seen on heise.de Jump to article: www.heise.de/news/Geister-Account-Netzwerk-auf-GitHub-Organisierte-Malware-Schleuder-mit-System-9812729.html
-
Network of ghost GitHub accounts successfully distributes malware
by
in SecurityNewsCheck Point researchers have unearthed an extensive network of GitHub accounts that they believe provides malware and phishing link Distribution-as-a-… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/07/24/github-accounts-malware-distribution/
-
Malware Distribution Service Exploits Thousands of GitHub Accounts
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/brief/malware-distribution-service-exploits-thousands-of-github-accounts
-
3,000 GitHub accounts found distributing malware
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/news/3000-github-accounts-found-distributing-malware
-
Over 3,000 GitHub accounts used by malware distribution service
by
in SecurityNewsThreat actors known as ‘Stargazer Goblin’ have created a malware Distribution-as-a-Service (DaaS) from over 3,000 fake accounts on GitHub that push in… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/over-3-000-github-accounts-used-by-malware-distribution-service/
-
Google, Microsoft, Others Support U.S.-Based Spyware Lawsuits
Microsoft and Google were joined by LinkedIn, GitHub, and Trend Micro in a supporting an appeal of a lawsuit against spyware maker NSO Group that was … First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/google-microsoft-others-support-u-s-based-spyware-lawsuits/
-
Network of 3,000 GitHub Accounts Used for Malware Distribution
by
in SecurityNewsStargazer Goblin has created a network of over 3,000 GitHub accounts to distribute malware through phishing repositories. The post Network of 3,000 Gi… First seen on securityweek.com Jump to article: www.securityweek.com/network-of-3000-github-accounts-used-for-malware-distribution/
-
GitHub Token Leak Exposes Python’s Core Repositories to Potential Attacks
by
in SecurityNewsCybersecurity researchers said they discovered an accidentally leaked GitHub token that could have granted elevated access to the GitHub repositories … First seen on thehackernews.com Jump to article: thehackernews.com/2024/07/github-token-leak-exposes-pythons-core.html
-
Nach Yuzu: Nintendo lässt weitere Switch-Emulatoren sperren
by
in SecurityNewsInsgesamt 14 Github-Repos von Switch-Emulatoren sind nicht mehr verfügbar. Laut Nintendo griffen sie alle zumindest zum Teil auf Code von Yuzu zurück…. First seen on golem.de Jump to article: www.golem.de/news/nach-yuzu-nintendo-laesst-weitere-switch-emulatoren-sperren-2407-187022.html
-
Most GitHub Actions workflows are insecure in some way
by
in SecurityNews
Tags: githubMost GitHub Actions are susceptible to exploitation; they are overly privileged or have risky dependencies, according to Legit Security. GitHub Action… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/07/17/insecure-github-actions-workflows/
-
Python Repositories Threatened by Inadvertently Exposed GitHub Token
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/brief/python-repositories-threatened-by-inadvertently-exposed-github-token
-
Trojanized jQuery Packages Found on npm, GitHub, and jsDelivr Code Repositories
by
in SecurityNewsUnknown threat actors have been found propagating trojanized versions of jQuery on npm, GitHub, and jsDelivr in what appears to be an instance of a co… First seen on thehackernews.com Jump to article: thehackernews.com/2024/07/trojanized-jquery-packages-found-on-npm.html
-
Ex-GitHub Engineers Raise $20M to Enhance Pen-Testing with AI-Powered XBOW
by
in SecurityNewsA team of former GitHub engineers has secured $20 million in venture capital funding from Sequoia to build AI-powered security tools. The post Ex-GitH… First seen on securityweek.com Jump to article: www.securityweek.com/ex-github-engineers-raise-20m-to-enhance-pen-testing-with-ai-powered-xbow/
-
Trojanized jQuery Packages Spread via ‘Complex’ Supply Chain Attack
by
in SecurityNewsThe campaign, which distributes dozens of malicious jQuery variants across npm, GitHub, and jsDelivr, appears to be a manual effort, and lacks the typ… First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/trojanized-jquery-packages-complex-supply-chain-attack
-
Trojanized jQuery Infiltrates npm, GitHub, and CDNs: Thousands of Packages at Risk
by
in SecurityNewsFirst seen on hackread.com Jump to article: hackread.com/trojanized-jquery-threatens-npm-github-and-cdns/