GitHub

Pierluigi Paganini May 20, 2024
GitCaught campaign relies on Github and Filezilla to deliver multiple malware

Researchers discovered a sophisticated cybercriminal campaign by Russian-speaking threat actors that used GitHub to distribute malware. Recorded Future’s Insikt Group discovered a sophisticated cybercriminal campaign by Russian-speaking threat actors from the Commonwealth of Independent States (CIS). The attackers, tracked as GitCaught, used a GitHub profile to impersonate legitimate software applications, including 1Password, Bartender 5, and […]

Pierluigi Paganini April 13, 2024
Crooks manipulate GitHub’s search results to distribute malware

Researchers warn threat actors are manipulating GitHub search results to target developers with persistent malware. Checkmarx researchers reported that threat actors are manipulating GitHub search results to deliver persistent malware to developers systems. Attackers behind this campaign create malicious repositories with popular names and topics, they were observed using techniques like automated updates and fake […]

Pierluigi Paganini March 17, 2024
“gitgub” malware campaign targets Github users with RisePro info-stealer

Cybersecurity researchers discovered multiple GitHub repositories hosting cracked software that are used to drop the RisePro info-stealer. G-Data researchers found at least 13 such Github repositories hosting cracked software designed to deliver the RisePro info-stealer. The experts noticed that this campaign was named “gitgub” by its operators. The researchers started the investigation following Arstechnica’s story about […]

Pierluigi Paganini September 12, 2023
A new Repojacking attack exposed over 4,000 GitHub repositories to hack

A critical vulnerability in GitHub could have exposed more than 4,000 code packages to Repojacking attack. Checkmarx researchers discovered a new vulnerability in GitHub could have exposed over 4,000 packages to repojacking attacks. In the RepoJacking attack, attackers claim the old username of a repository after the legitimate creator changed the username, then publish a rogue […]

Pierluigi Paganini October 31, 2022
GitHub flaw could have allowed attackers to takeover repositories of other users

A critical flaw in the cloud-based repository hosting service GitHub could’ve allowed attackers to takeover other repositories. The cloud-based repository hosting service GitHub has addressed a vulnerability that could have been exploited by threat actors to takeover the repositories of other users. The vulnerability was discovered by Checkmarx that called the attack technique RepoJacking. The […]

Pierluigi Paganini May 28, 2022
GitHub: Nearly 100,000 NPM Users’ credentials stolen in the April OAuth token attack

GitHub provided additional details into the theft of its integration OAuth tokens that occurred in April, with nearly 100,000 NPM users’ credentials. GitHub provided additional details about the incident that suffered in April, the attackers were able to steal nearly 100K NPM users’ credentials. In April, GitHub uncovered threat actors using stolen OAuth user tokens to gain […]

Pierluigi Paganini April 17, 2022
Stolen OAuth tokens used to download data from dozens of organizations, GitHub warns

GitHub reported that threat actors used stolen OAuth user tokens to exfiltrate private data from several organizations. GitHub uncovered threat actors using stolen OAuth user tokens to gain access to their repositories and download private data from several organizations. Threat actors abused stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI, […]

Pierluigi Paganini April 11, 2022
Dependency Review GitHub Action prevents adding known flaws in the code

Dependency Review GitHub Action scans users’ pull requests for dependency changes and will raise an error if any new dependencies have existing flaws. GitHub announced Dependency Review GitHub Action which scans users’ pull requests for dependency changes and will raise an error if any new dependencies have existing flaws that can be exploited in supply […]

Pierluigi Paganini November 16, 2021
GitHub addressed two major vulnerabilities in the NPM package manager

Maintainers of the npm package manager for the JavaScript programming language disclosed multiple flaws that were recently addressed. GitHub disclosed two major vulnerabilities in the npm that have been already addressed. The first vulnerability can be exploited by an attacker to publish new versions of any npm package using an account without proper authorization. The flaw was reported by […]

Pierluigi Paganini August 13, 2021
Google open-sourced Allstar tool to secure GitHub repositories

Google has open-sourced the Allstar tool that can be used to secure GitHub projects and prevent security misconfigurations. Google has open-sourced the Allstar tool that can be used to secure GitHub projects by enforcing a set of security policies to prevent misconfiguration. “Allstar is a GitHub App installed on organizations or repositories to set and enforce security policies. Its […]