Tag: github
-
New York Times source code compromised via exposed GitHub token
by
in SecurityNewsThe source code and data of The New York Times leaked on the 4chan was stolen from the company’s GitHub repositories in January 2024. This week, VX-Un… First seen on securityaffairs.com Jump to article: securityaffairs.com/164280/data-breach/new-york-times-source-code-leaked.html
-
New York Times source code stolen using exposed GitHub token
by
in SecurityNewsInternal source code and data belonging to The New York Times was leaked on the 4chan message board after being stolen from the company’s GitHub repos… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-york-times-source-code-stolen-using-exposed-github-token/
-
Google Accidentally Published Internal Search Docs To GitHub
by
in SecurityNewsFirst seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/35958/Google-Accidentally-Published-Internal-Search-Docs-To-GitHub.html
-
Erpresser übernehmen GitHub-Repositories, greifen Daten ab und löschen Inhalte
by
in SecurityNewsHacker haben vermutlich über Phishing GitHub-Zugangsdaten abgegriffen, die Inhalte der Repositories kopiert und gelöscht und dann die Betroffenen erpr… First seen on heise.de Jump to article: www.heise.de/news/Erpresser-uebernehmen-GitHub-Repositories-greifen-Daten-ab-und-loeschen-Inhalte-9751516.html
-
8th April Threat Intelligence Report
by
in SecurityNewsAcuity, a federal contractor, confirmed a cyber incident where hackers accessed its GitHub repositories, and stole various documents. The breach, link… First seen on research.checkpoint.com Jump to article: research.checkpoint.com/2024/8th-april-threat-intelligence-report/
-
GitHub repositories compromised in ongoing Gitloker intrusions
by
in SecurityNews
Tags: githubFirst seen on scmagazine.com Jump to article: www.scmagazine.com/brief/github-repositories-compromised-in-ongoing-gitloker-intrusions
-
New Gitloker attacks wipe GitHub repos in extortion scheme
by
in SecurityNewsFirst seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-gitloker-attacks-wipe-github-repos-in-extortion-scheme/
-
GitHub Server Flaw Causes Critical Authentication Bypass
by
in SecurityNewsRecent developments have highlighted a critical security flaw in GitHub Enterprise Server, underscoring the importance of proactive measures to ensure… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/06/github-server-flaw-causes-critical-authentication-bypass/
-
Der Nerd-Weg, um den Windows Defender abzuschalten
by
in SecurityNewsFirst seen on golem.de Jump to article: www.golem.de/news/github-der-nerd-weg-um-den-windows-defender-abzuschalten-2405-185537.html
-
Compromising ByteDance’s Rspack using GitHub Actions Vulnerabilities
by
in SecurityNewsOverview Recently, we identified several critical Pwn Request vulnerabilities within GitHub Actions used by the Rspack repository. These vulnerabiliti… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/05/compromising-bytedances-rspack-using-github-actions-vulnerabilities/
-
Github Enterprise Server: Sicherheitslücke verleiht Angreifern Admin-Zugriff
by
in SecurityNewsDie Schwachstelle betrifft alle GHES-Versionen vor 3.13.0 und erreicht den größtmöglichen CVSS-Score von 10. Gefährdet sind Instanzen mit SAML-SSO-Aut… First seen on golem.de Jump to article: www.golem.de/news/github-enterprise-server-sicherheitsluecke-verleiht-angreifern-admin-zugriff-2405-185314.html
-
GitHub Authentication Bypass Opens Enterprise Server to Attackers
by
in SecurityNewsFirst seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/github-authentication-bypass-opens-enterprise-server-attackers
-
Critical GitHub Enterprise Server Flaw Allows Authentication Bypass
by
in SecurityNewsGitHub has rolled out fixes to address a maximum severity flaw in the GitHub Enterprise Server (GHES) that could allow an attacker to bypass authentic… First seen on thehackernews.com Jump to article: thehackernews.com/2024/05/critical-github-enterprise-server-flaw.html
-
Researchers Exploited Nexus Repository Using Directory Traversal Vulnerability
by
in SecurityNewsHackers target and exploit GitHub repositories for a multitude of reasons and illicit purposes. The widespread use of GitHub and the diverse range of … First seen on gbhackers.com Jump to article: gbhackers.com/researchers-exploit-nexus-repository-directory-traversal/
-
GitHub Fixes Maximum Severity Flaw in Enterprise Server
by
in SecurityNewsFirst seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/github-maximum-severity-flaw/
-
Cyber Criminals Exploit GitHub and FileZilla to Deliver Malware Cocktail
A multi-faceted campaign has been observed abusing legitimate services like GitHub and FileZilla to deliver an array of stealer malware and banking tr… First seen on thehackernews.com Jump to article: thehackernews.com/2024/05/cyber-criminals-exploit-github-and.html
-
GitHub Enterprise Server Patches 10-outta-10 Critical Hole
by
in SecurityNews
Tags: githubFirst seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/35911/GitHub-Enterprise-Server-Patches-10-outta-10-Critical-Hole.html
-
GitHub fixes maximum severity Enterprise Server auth bypass bug (CVE-2024-4985)
by
in SecurityNewsA critical, 10-out-of-10 vulnerability (CVE-2024-4985) allowing unrestricted access to vulnerable GitHub Enterprise Server (GHES) instances has been f… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/05/23/cve-2024-4985/
-
GitHub addresses maximum severity Enterprise Server vulnerability
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/brief/github-addresses-maximum-severity-enterprise-server-vulnerability
-
GitHub Issues Patch for Critical Exploit in Enterprise Server
by
in SecurityNewsThe vulnerability affects all GHES versions prior to 3.13.0 and achieves the highest possible CVSS score of 10. Instances with SAML SSO authentication… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/05/github-issues-patch-for-critical-exploit-in-enterprise-server/
-
Critical GitHub Enterprise Server Authentication Bypass bug. Fix it now!
by
in SecurityNewsGitHub addressed a vulnerability in the GitHub Enterprise Server (GHES) that could allow an attacker to bypass authentication. GitHub has rolled out s… First seen on securityaffairs.com Jump to article: securityaffairs.com/163515/hacking/github-enterprise-server-cve-2024-4985.html
-
GitHub, FileZilla exploited for multiple malware delivery
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/brief/github-filezilla-exploited-for-multiple-malware-delivery
-
GitHub warns of SAML auth bypass flaw in Enterprise Server
by
in SecurityNewsGitHub has fixed a maximum severity (CVSS v4 score: 10.0) authentication bypass vulnerability tracked as CVE-2024-4986, which impacts GitHub Enterpris… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/github-warns-of-saml-auth-bypass-flaw-in-enterprise-server/
-
GitHub vulnerability leaks sensitive security reports
by
in SecurityNewsThe vulnerability is triggered when GitHub users correct code or other mistakes they discover on repositories. But GitHub does not believe it warrants… First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366582060/GitHub-vulnerability-leaks-sensitive-security-reports
-
Mandatory MFA pays off for GitHub and OSS community
by
in SecurityNewsFirst seen on computerweekly.com Jump to article: www.computerweekly.com/news/366582113/Mandatory-MFA-pays-off-for-GitHub-and-OSS-community
-
GitCaught campaign relies on Github and Filezilla to deliver multiple malware
by
in SecurityNewsResearchers discovered a sophisticated cybercriminal campaign by Russian-speaking threat actors that used GitHub to distribute malware. Recorded Futur… First seen on securityaffairs.com Jump to article: securityaffairs.com/163463/cyber-crime/gitcaught-campaign-github-filezilla-malware.html
-
Shadow IT: Personal GitHub Repos Expose Employee Cloud Secrets
by
in SecurityNewsAlerted by a recent discovery of employee personal GitHub repos exposing internal Azure and Red Hat secrets, this article dives into the dangers of Sh… First seen on hackread.com Jump to article: www.hackread.com/shadow-it-github-repos-employee-cloud-secrets/
-
Cyber Criminals Exploit GitHub and FileZilla to Deliver Cocktail Malware
A multi-faceted campaign has been observed abusing legitimate services like GitHub and FileZilla to deliver an array of stealer malware and banking tr… First seen on thehackernews.com Jump to article: thehackernews.com/2024/05/cyber-criminals-exploit-github-and.html
-
Threat Actors Abuse GitHub to Distribute Multiple Information Stealers
by
in SecurityNewsRussian-speaking threat actors are caught abusing a GitHub profile to distribute information stealers posing as legitimate software. The post speaking… First seen on securityweek.com Jump to article: www.securityweek.com/threat-actors-abuse-github-to-distribute-multiple-information-stealers/
-
Supply chain attack abuses GitHub features to spread malware
by
in SecurityNewsCheckmarx warned developers to be cautious when choosing which repositories to use, as attackers are manipulating GitHub features to boost malicious c… First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366580379/Supply-chain-attack-abuses-GitHub-features-to-spread-malware