Tag: github
-
GitHub Copilot’s New Agent Mode Enables Autonomous Code Completion
by
in SecurityNewsGitHub has once again raised the bar for productivity in software development with the launch of its revolutionary >>Agent Mode
-
Attackers hide malicious code in Hugging Face AI model Pickle files
by
in SecurityNews
Tags: ai, data, github, malicious, ml, open-source, programming, remote-code-execution, risk, service, software, threat, tool, vulnerabilityLike all repositories of open-source software in recent years, AI model hosting platform Hugging Face has been abused by attackers to upload trojanized projects and assets with the goal of infecting unsuspecting users. The latest technique observed by researchers involves intentionally broken but poisoned Python object serialization files called Pickle files.Often described as the GitHub…
-
Breach Roundup: Hacker Claims 20 Million OpenAI Logins Taken
Also: Researchers Bypass GitHub Copilot’s Protections, Deloitte Pays $5M for Breach. This week: A hacker claims to have 20 million OpenAI logins, Sweden clears ship in Baltic cable damage, researchers find ways to bypass GitHub Copilot’s protections, Netgear patches router flaws, undetectable Mac backdoor raises alarms, Spain nabs hacker, and Deloitte pays $5M for RIBridges…
-
Breach Roundup: Sweden Clears Ship in Baltic Cable Damage
by
in SecurityNewsAlso: Researchers Bypass GitHub Copilot’s Protections, Deloitte Pays $5M for Breach. This week: Sweden clears ship in Baltic cable damage, researchers find ways to bypass GitHub Copilot’s protections, Netgear patches router flaws, undetectable Mac backdoor raises alarms, cyberattacks target aviation, Spain nabs international hacker, and Deloitte pays $5M for RIBridges breach. First seen on govinfosecurity.com…
-
Malicious package found in the Go ecosystem
by
in SecurityNewsA malicious typosquat package has been found in the Go language ecosystem. The package, which contains a backdoor to enable remote code execution, was discovered by researchers at the application security company Socket.A February 3 Socket blog post states that the package impersonates the widely used Bolt database module. The BoltDB package is widely adopted in the Go ecosystem, with 8,367…
-
Lazarus Group tricks job seekers on LinkedIn with crypto-stealer
by
in SecurityNewsNorth Korea-linked Lazarus Group is duping job seekers and professionals in an ongoing campaign that runs a LinkedIn recruiting scam to capture browser credentials, steal crypto wallet data, and launch persistence.According to a discovery made by BitDefender Labs, threat actors reach out with fake LinkedIn job offers to lure the victims into downloading and executing…
-
MobSF Framework Zero-Day Vulnerability Allows Attackers to Trigger DoS in Scan Results
by
in SecurityNewsA recently discovered zero-day vulnerability in the Mobile Security Framework (MobSF) has raised alarms in the cybersecurity community. The vulnerability, which allows attackers to cause a partial Denial of Service (DoS) on scan results and the iOS Dynamic Analyzer functionality, was disclosed on GitHub yesterday by Ajin Abraham, under the advisory GHSA-jrm8-xgf3-fwqr. Technical Overview The vulnerability,…
-
Why Some Source Code Files Shouldn’t Be Managed via Git-Based Version Control
by
in SecurityNewsThe ubiquitous version control system, Git, has revolutionised software development workflows with its robust set of capabilities. It simplifies the tracking of code changes, enables seamless branching and merging, and facilitates tight collaboration. Today, more than 100 million developers worldwide use the GitHub platform alone. However, Git is not always a suitable solution for all…
-
Further Adventures With CMPivot”Š”, “ŠClient Coercion
by
in SecurityNewsFurther Adventures With CMPivot”Š”, “ŠClient Coercion Perfectly Generated AI Depiction based on Title TL:DR CMPivot queries can be used to coerce SMB authentication from SCCM client hosts Introduction CMPivot is a component part of the Configuration Manager framework. With the rise in popularity for ConfigMgr as a target in red team operations, this post looks to cover a…
-
SparkRAT: A Persistent Cross-Platform Cyber Threat Targeting macOS and Beyond
by
in SecurityNewsSince its initial release on GitHub in 2022 by user XZB-1248, SparkRAT has evolved into a widely used First seen on securityonline.info Jump to article: securityonline.info/sparkrat-a-persistent-cross-platform-cyber-threat-targeting-macos-and-beyond/
-
Hackers Attacking Windows, macOS, and Linux systems With SparkRAT
by
in SecurityNewsResearchers have uncovered new developments in SparkRAT operations, shedding light on its persistent use in malicious campaigns targeting macOS users and government organizations. The findings, detailed in a recent report, underscore the evolving tactics of threat actors leveraging SparkRAT’s modular framework and cross-platform capabilities across Windows, macOS, and Linux. SparkRAT’s Communication Originally released on GitHub…
-
Lumma Stealer Found in Fake Crypto Tools and Game Mods on GitHub
McAfee Labs uncovers malicious GitHub repositories distributing Lumma Stealer malware disguised as game hacks and cracked software. Learn… First seen on hackread.com Jump to article: hackread.com/lumma-stealer-github-fake-crypto-tools-game-mods/
-
GitHub Vulnerability Exposes User Credentials via Malicious Repositories
by
in SecurityNewsA cybersecurity researcher recently disclosed several critical vulnerabilities affecting Git-related projects, revealing how improper handling of credential protocols can lead to sensitive data leaks. From GitHub Desktop to Git Credential Manager and Git LFS, these issues were uncovered during a routine bug-hunting session for the GitHub Bug Bounty program, resulting in the assignment of multiple…
-
A pickle in Meta’s LLM code could allow RCE attacks
by
in SecurityNews
Tags: ai, attack, breach, cve, cvss, data, data-breach, exploit, flaw, framework, github, LLM, malicious, ml, network, open-source, rce, remote-code-execution, software, supply-chain, technology, theft, vulnerabilityMeta’s large language model (LLM) framework, Llama, suffers a typical open-source coding oversight, potentially allowing arbitrary code execution on servers leading to resource theft, data breaches, and AI model takeover.The flaw, tracked as CVE-2024-50050, is a critical deserialization bug belonging to a class of vulnerabilities arising from the improper use of the open-source library (pyzmq)…
-
Weaponised XWorm RAT Builder Attacking Script Kiddies To Hack 18,000 Devices
by
in SecurityNewsA recent cybersecurity attack involving a Trojanized version of the XWorm Remote Access Trojan (RAT) builder has compromised over 18,000 devices worldwide. This sophisticated malware, primarily distributed via GitHub repositories, Telegram channels, and other platforms, has targeted cybersecurity novices, also known as >>script kiddies,
-
Cisco patches antivirus decommissioning bug as exploit code surfaces
by
in SecurityNewsCisco has patched a denial-of-service (DoS) vulnerability affecting its open-source antivirus software toolkit, ClamAV, which already has a proof-of-concept (PoC) exploit code available to the public.Identified as CVE-2025-20128, the vulnerability stems from a heap-based buffer overflow in the Object Linking and Embedding 2 (OLE2) decryption routine, enabling unauthenticated remote attackers to cause a DoS condition…
-
Python administrator moves to improve software security
by
in SecurityNewsThe administrators of the Python Package Index (PyPI) have begun an effort to improve the hundreds of thousands of software packages that are listed. The attempt, which began earlier last year, is to identify and stop malware-laced packages from proliferating across the open-source community that contributes and consumes Python software. As previously reported, hijacking Python…
-
ChatGPT API flaws could allow DDoS, prompt injection attacks
by
in SecurityNewsOpenAI-owned ChatGPT might have a vulnerability that could allow threat actors to launch distributed denial of service (DDoS) attacks on unsuspecting targets. According to a discovery made by German security researcher Benjamin Flesch, the ChatGPT crawler, which OpenAI uses to collect data from the internet to improve ChatGPT, can be tricked into DDoSing arbitrary websites. “ChatGPT crawler…
-
HPE’s sensitive data exposed in alleged IntelBroker hack
by
in SecurityNewsIntelBroker has struck again. This time, the notorious BreachForums bigwig, which has a long list of high-profile victims, including Europol, Cisco, and GE, has claimed to have breached IT giant Hewlett Packard Enterprise (HPE).The suspected Serbian-origin hacker is offering to sell on BreachForums, sensitive data allegedly stolen from HPE including product source codes and personally…
-
How organizations can secure their AI code
by
in SecurityNews
Tags: ai, application-security, awareness, backdoor, breach, business, chatgpt, ciso, compliance, control, credentials, crime, cybersecurity, data, data-breach, finance, github, healthcare, LLM, malicious, ml, open-source, organized, programming, risk, risk-management, software, startup, strategy, supply-chain, technology, tool, training, vulnerabilityIn 2023, the team at data extraction startup Reworkd was under tight deadlines. Investors pressured them to monetize the platform, and they needed to migrate everything from Next.js to Python/FastAPI. To speed things up, the team decided to turn to ChatGPT to do some of the work. The AI-generated code appeared to function, so they…
-
Bogus LDAPNightmare POC Deploys Infostealer Via Malicious GitHub Repo
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/bogus-ldapnightmare-poc-deploys-infostealer-via-github-repo
-
GitHub CISO on security strategy and collaborating with the open-source community
by
in SecurityNewsIn this Help Net Security, Alexis Wales, CISO at GitHub, discusses how GitHub embeds security into every aspect of its platform to protect millions of developers and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/13/alexis-wales-github-ciso-security-strategy/
-
Fake LDAPNightmware exploit on GitHub spreads infostealer malware
A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 (aka “LDAPNightmare”) on GitHub infects users with infostealer malware that exfiltrates sensitive data to an external FTP server. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fake-ldapnightmware-exploit-on-github-spreads-infostealer-malware/
-
Banshee macOS stealer supports new evasion mechanisms
Experts found a new version of the Banshee macOS information stealer which was enhanced with new evasion mechanisms. Check Point researchers discovered a new version of the Banshee macOS infostealer which is distributed through phishing websites and fake GitHub repositories, often masqueraded as popular software. In August 2024, Russian crooks advertised a macOS malware called…