Tag: github
-
GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks
A new tax-themed malware campaign targeting insurance and finance sectors has been observed leveraging GitHub links in phishing email messages as a wa… First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/github-telegram-bots-and-qr-codes.html
-
Researchers Debut AI Tool That Helps Detect Zero-Days
Vulnerability Tool Detected Flaws in OpenAI and Nvidia APIs Used in GitHub Projects. Security researchers have developed an AI tool that can detect re… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/researchers-debut-ai-tool-that-helps-detect-zero-days-a-26575
-
GitHub patches critical vulnerability in its Enterprise Servers
First seen on cyberscoop.com Jump to article: cyberscoop.com/github-enterprise-vulnerability-sso-saml/
-
GitHub Enterprise Server: Attackers can bypass authentication
First seen on heise.de Jump to article: www.heise.de/news/Github-Enterprise-Server-Angreifer-koennen-Authentifizierung-umgehen-9982591.html
-
3,000 “ghost accounts” on GitHub spreading malware
In the past, cyber criminals directly distributed malware on GitHub using encrypted scripting code or malicious executables. But now threat actors are… First seen on securityintelligence.com Jump to article: securityintelligence.com/news/3000-ghost-accounts-github-malware/
-
GitHub Issues Urgent Security Advisory on Critical Vulnerability in GitHub Enterprise Server
GitHub has released a critical security advisory highlighting vulnerabilities that merit immediate action from users of GitHub Enterprise Server (GHES… First seen on thecyberexpress.com Jump to article: thecyberexpress.com/critical-github-vulnerability-advisory/
-
Hackers Hide Remcos RAT in GitHub Repository Comments
First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/hackers-hide-remcos-rat-github-comments
-
GitHub, Telegram Bots, and QR Codes Abused in New Wave of Phishing Attacks
A new tax-themed malware campaign targeting insurance and finance sectors has been observed leveraging GitHub links in phishing email messages as a wa… First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/github-telegram-bots-and-qr-codes.html
-
China-Backed APT Group Culling Thai Government Data
CeranaKeeper is bombarding Southeast Asia with data exfiltration attacks via file-sharing services such as Pastebin, OneDrive, and GitHub, researchers… First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/new-china-backed-apt-group-culling-thai-government-data
-
JFrog and GitHub unveil open source security integrations
Secure software specialist JFrog is working with code development service GitHub to integrate the onboard capabilities of its Software Supply Chain Pl… First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366609897/JFrog-and-GitHub-unveil-new-open-source-security-integrations
-
JFrog connects key software supply chain management dots
JFrog ties in with GitHub and Nvidia and ships Runtime Security to offer visibility into software supply chains from source code to production and bac… First seen on techtarget.com Jump to article: www.techtarget.com/searchitoperations/news/366610120/JFrog-connects-key-software-supply-chain-management-dots
-
New APT group CeranaKeeper abuses Dropbox and GitHub
First seen on heise.de Jump to article: www.heise.de/news/Neue-APT-Gruppe-CeranaKeeper-missbraucht-Dropbox-und-Github-9961562.html
-
Clever ‘GitHub Scanner’ campaign abusing repos to push malware
A clever threat campaign is abusing GitHub repositories to distribute malware targeting users who frequent an open source project repository or are su… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/clever-github-scanner-campaign-abusing-repos-to-push-malware/
-
Beware Mac Users: Fake AppleCare+ Support Scam Lures Victims via GitHub Repos
A new fraudulent campaign targeting Mac users seeking AppleCare+ support or extended warranties has been uncovered by cybersecurity experts at Malware… First seen on securityonline.info Jump to article: securityonline.info/beware-mac-users-fake-applecare-support-scam-lures-victims-via-github-repos/
-
GitHub Copilot Autofix tackles vulnerabilities with AI
GitHub says Copilot Autofix drastically reduced the median time to remediate vulnerabilities in beta testing from 90 minutes for manual fixes to 28 mi… First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366603045/GitHub-Copilot-Autofix-tackles-vulnerabilities-with-AI
-
GitHub Actions Vulnerable to Typosquatting, Exposing Developers to Hidden Malicious Code
Threat actors have long leveraged typosquatting as a means to trick unsuspecting users into visiting malicious websites or downloading booby-trapped s… First seen on thehackernews.com Jump to article: thehackernews.com/2024/09/github-actions-vulnerable-to.html
-
You probably want to patch this critical GitHub Enterprise Server bug now
First seen on theregister.com Jump to article: www.theregister.com/2024/08/21/patch_github_enterprise_bug/
-
GitHub comments abused to push password stealing malware masked as fixes
First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/github-comments-abused-to-push-password-stealing-malware-masked-as-fixes/
-
Attackers Spread Lumma Stealer Malware GitHub Comments
Cybercriminals are leveraging platforms like GitHub to spread the Lumma information stealer malware. This sophisticated threat is part of a growing tr… First seen on gbhackers.com Jump to article: gbhackers.com/lumma-stealer-malware-github/
-
GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges
GitHub has released fixes to address a set of three security flaws impacting its Enterprise Server product, including one critical bug that could be a… First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/github-patches-critical-security-flaw.html
-
GitHub Copilot Security and Privacy Concerns: Understanding the Risks and Best Practices
Worried about GitHub Copilot’s security and privacy concerns? Learn about potential risks and best practices to protect yourself and your organization… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/08/github-copilot-security-and-privacy-concerns-understanding-the-risks-and-best-practices/
-
Admin attacks on GitHub Enterprise Server possible
First seen on heise.de Jump to article: www.heise.de/news/Admin-Attacken-auf-GitHub-Enterprise-Server-moeglich-9843620.html
-
Copilot Autofix by GitHub launches
First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/copilot-autofix-by-github-launches
-
There is no real fix to the security issues recently found in GitHub and other similar software
The lesson for users, especially if you’re a private company that primarily uses GitHub, is just to understand the inherent dangers of using open-sour… First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/threat-source-newsletter-aug-1-2024/
-
Researcher says deleted GitHub data can be accessed ‘forever’
Truffle Security researcher John Leon warned GitHub users that deleted repository data is never actually deleted, which creates an enormous attack vec… First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366599096/Researcher-says-deleted-GitHub-data-can-be-accessed-forever
-
USENIX Security ’23 ARGUS: A Framework for Staged Static Taint Analysis of GitHub Workflows and Actions
Authors/Presenters: Siddharth Muralee, Igibek Koishybayev, Aleksandr Nahapetyan, Greg Tystahl, Brad Reaves, Antonio Bianchi, William Enck, Alexandros K… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/08/usenix-security-23-argus-a-framework-for-staged-static-taint-analysis-of-github-workflows-and-actions/