Tag: github
-
Hackers Hide Remcos RAT in GitHub Repository Comments
by
in SecurityNewsFirst seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/hackers-hide-remcos-rat-github-comments
-
GitHub, Telegram Bots, and QR Codes Abused in New Wave of Phishing Attacks
A new tax-themed malware campaign targeting insurance and finance sectors has been observed leveraging GitHub links in phishing email messages as a wa… First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/github-telegram-bots-and-qr-codes.html
-
China-Backed APT Group Culling Thai Government Data
by
in SecurityNewsCeranaKeeper is bombarding Southeast Asia with data exfiltration attacks via file-sharing services such as Pastebin, OneDrive, and GitHub, researchers… First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/new-china-backed-apt-group-culling-thai-government-data
-
JFrog and GitHub unveil open source security integrations
by
in SecurityNewsSecure software specialist JFrog is working with code development service GitHub to integrate the onboard capabilities of its Software Supply Chain Pl… First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366609897/JFrog-and-GitHub-unveil-new-open-source-security-integrations
-
JFrog connects key software supply chain management dots
by
in SecurityNewsJFrog ties in with GitHub and Nvidia and ships Runtime Security to offer visibility into software supply chains from source code to production and bac… First seen on techtarget.com Jump to article: www.techtarget.com/searchitoperations/news/366610120/JFrog-connects-key-software-supply-chain-management-dots
-
Neue APT-Gruppe CeranaKeeper missbraucht Dropbox und Github
by
in SecurityNewsFirst seen on heise.de Jump to article: www.heise.de/news/Neue-APT-Gruppe-CeranaKeeper-missbraucht-Dropbox-und-Github-9961562.html
-
Clever ‘GitHub Scanner’ campaign abusing repos to push malware
by
in SecurityNewsA clever threat campaign is abusing GitHub repositories to distribute malware targeting users who frequent an open source project repository or are su… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/clever-github-scanner-campaign-abusing-repos-to-push-malware/
-
Beware Mac Users: Fake AppleCare+ Support Scam Lures Victims via GitHub Repos
by
in SecurityNewsA new fraudulent campaign targeting Mac users seeking AppleCare+ support or extended warranties has been uncovered by cybersecurity experts at Malware… First seen on securityonline.info Jump to article: securityonline.info/beware-mac-users-fake-applecare-support-scam-lures-victims-via-github-repos/
-
GitHub Copilot Autofix tackles vulnerabilities with AI
by
in SecurityNewsGitHub says Copilot Autofix drastically reduced the median time to remediate vulnerabilities in beta testing from 90 minutes for manual fixes to 28 mi… First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366603045/GitHub-Copilot-Autofix-tackles-vulnerabilities-with-AI
-
GitHub Actions Vulnerable to Typosquatting, Exposing Developers to Hidden Malicious Code
by
in SecurityNewsThreat actors have long leveraged typosquatting as a means to trick unsuspecting users into visiting malicious websites or downloading booby-trapped s… First seen on thehackernews.com Jump to article: thehackernews.com/2024/09/github-actions-vulnerable-to.html
-
You probably want to patch this critical GitHub Enterprise Server bug now
by
in SecurityNewsFirst seen on theregister.com Jump to article: www.theregister.com/2024/08/21/patch_github_enterprise_bug/
-
GitHub comments abused to push password stealing malware masked as fixes
by
in SecurityNewsFirst seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/github-comments-abused-to-push-password-stealing-malware-masked-as-fixes/
-
Attackers Spread Lumma Stealer Malware GitHub Comments
by
in SecurityNewsCybercriminals are leveraging platforms like GitHub to spread the Lumma information stealer malware. This sophisticated threat is part of a growing tr… First seen on gbhackers.com Jump to article: gbhackers.com/lumma-stealer-malware-github/
-
GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges
by
in SecurityNewsGitHub has released fixes to address a set of three security flaws impacting its Enterprise Server product, including one critical bug that could be a… First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/github-patches-critical-security-flaw.html
-
GitHub Copilot Security and Privacy Concerns: Understanding the Risks and Best Practices
by
in SecurityNewsWorried about GitHub Copilot’s security and privacy concerns? Learn about potential risks and best practices to protect yourself and your organization… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/08/github-copilot-security-and-privacy-concerns-understanding-the-risks-and-best-practices/
-
Admin-Attacken auf GitHub Enterprise Server möglich
by
in SecurityNews
Tags: githubFirst seen on heise.de Jump to article: www.heise.de/news/Admin-Attacken-auf-GitHub-Enterprise-Server-moeglich-9843620.html
-
Copilot Autofix by GitHub launches
by
in SecurityNews
Tags: githubFirst seen on scmagazine.com Jump to article: www.scmagazine.com/brief/copilot-autofix-by-github-launches
-
There is no real fix to the security issues recently found in GitHub and other similar software
by
in SecurityNewsThe lesson for users, especially if you’re a private company that primarily uses GitHub, is just to understand the inherent dangers of using open-sour… First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/threat-source-newsletter-aug-1-2024/
-
Researcher says deleted GitHub data can be accessed ‘forever’
by
in SecurityNewsTruffle Security researcher John Leon warned GitHub users that deleted repository data is never actually deleted, which creates an enormous attack vec… First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366599096/Researcher-says-deleted-GitHub-data-can-be-accessed-forever
-
USENIX Security ’23 ARGUS: A Framework for Staged Static Taint Analysis of GitHub Workflows and Actions
by
in SecurityNewsAuthors/Presenters:Siddharth Muralee, Igibek Koishybayev, Aleksandr Nahapetyan, Greg Tystahl, Brad Reaves, Antonio Bianchi, William Enck, Alexandros K… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/08/usenix-security-23-argus-a-framework-for-staged-static-taint-analysis-of-github-workflows-and-actions/
-
Critical GitHub Enterprise Server auth bypass flaw fixed (CVE-2024-6800)
by
in SecurityNewsA critical vulnerability (CVE-2024-6800) affecting all currently supported versions of GitHub Enterprise Server (GHES) may allow attackers to gain unr… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/08/22/cve-2024-6800/
-
Developers Beware! Fake Job Offers from Legitimate Github Address
A new phishing campaign is targeting developers by exploiting GitHub’s legitimate infrastructure. This sophisticated attack involves fake job offers s… First seen on gbhackers.com Jump to article: gbhackers.com/developers-beware-fake-job-offers/
-
Schwachstellen im Code dreimal schneller beheben
by
in SecurityNewsFirst seen on golem.de Jump to article: www.golem.de/news/github-schwachstellen-im-code-dreimal-schneller-beheben-2408-187990.html
-
GitHub Vulnerability ‘ArtiPACKED’ Exposes Repositories to Potential Takeover
by
in SecurityNewsA newly discovered attack vector in GitHub Actions artifacts dubbed ArtiPACKED could be exploited to take over repositories and gain access to organiz… First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/github-vulnerability-artipacked-exposes.html
-
GitHub fixed a new critical flaw in the GitHub Enterprise Server
by
in SecurityNewsGitHub addressed three vulnerabilities in its GitHub Enterprise Server product, including a critical authentication flaw. GitHub addressed three secur… First seen on securityaffairs.com Jump to article: securityaffairs.com/167387/security/github-enterprise-server-critical-flaw.html
-
GitHub Enterprise Server vulnerable to critical auth bypass flaw
by
in SecurityNewsA critical vulnerability affecting multiple versions of GitHub Enterprise Server could be exploited to bypass authentication and enable an attacker to… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/github-enterprise-server-vulnerable-to-critical-auth-bypass-flaw/
-
Critical Authentication Flaw Haunts GitHub Enterprise Server
by
in SecurityNewsGitHub patches a trio of security defects in the GitHub Enterprise Server product and recommends urgent patching for corporate users. The post Critica… First seen on securityweek.com Jump to article: www.securityweek.com/critical-authentication-flaw-haunts-github-enterprise-server/