Jul 28, 2025Ravie LakshmananMalware / Developer Instruments In what is the newest occasion of a software program provide chain assault,…
Read More
CastleLoader Malware Infects 469 Gadgets Utilizing Pretend GitHub Repos and ClickFix Phishing
Jul 24, 2025Ravie LakshmananMalware / Cybercrime Cybersecurity researchers have make clear a brand new versatile malware loader referred to as…
Read More
Hackers Use GitHub Repositories to Host Amadey Malware and Information Stealers, Bypassing Filters
Jul 17, 2025Ravie LakshmananMalware / Social Engineering Risk actors are leveraging public GitHub repositories to host malicious payloads and distribute…
Read More
Over 600 Laravel Apps Uncovered to Distant Code Execution Attributable to Leaked APP_KEYs on GitHub
Cybersecurity researchers have found a severe safety concern that enables leaked Laravel APP_KEYs to be weaponized to achieve distant code…
Read More
GitHub hit by a classy malware marketing campaign as ‘Banana Squad’ mimics well-liked repos
The repository names have been discovered to be similar to a number of different non-trojanized repositories, indicating some type of…
Read More
67 Trojanized GitHub Repositories Present in Marketing campaign Concentrating on Avid gamers and Builders
Cybersecurity researchers have uncovered a brand new marketing campaign by which the risk actors have revealed greater than 67 GitHub…
Read More
Water Curse Employs 76 GitHub Accounts to Ship Multi-Stage Malware Marketing campaign
Cybersecurity researchers have uncovered a beforehand unknown menace actor generally known as Water Curse that depends on weaponized GitHub repositories…
Read More
1,500+ Minecraft Gamers Contaminated by Java Malware Masquerading as Sport Mods on GitHub
A brand new multi-stage malware marketing campaign is focusing on Minecraft customers with a Java-based malware that employs a distribution-as-service…
Read More
GitHub Actions assault renders even security-aware orgs susceptible
One assault vector Sysdig investigated concerned GitHub Actions workflows that set off on the pull_request_target occasion. In accordance with Sysdig,…
Read More
Cryptojacking Marketing campaign Exploits DevOps APIs Utilizing Off-the-Shelf Instruments from GitHub
Cybersecurity researchers have found a brand new cryptojacking marketing campaign that is focusing on publicly accessible DevOps internet servers reminiscent…
Read More
