Since mid-January, attackers have targeted owners of GitHub repositories with the Dimnie data-stealer malware. It is a relatively unknown threat actor. Attackers have targeted developers having Github repositories with a data-stealing malware called Dimnie. The malicious code includes keylogging features and modules that capture screenshots. The Dimnie malware was spotted by researchers at Palo Alto Networks in mid-January when an […]
Trend Micro discovered the Chinese threat actor Winnti has been abusing GitHub service for command and control (C&C) communications. Security experts at Trend Micro continue to monitor the activities of the Chinese Winnti hacker group, this time the hackers have been abusing GitHub for command and control (C&C) communications. “Recently, the Winnti group, a threat actor with […]
On Tuesday evening Github became aware of unauthorized attempts to access a large number of its accounts, in response the company has reset their passwords. GitHub announced it has reset the passwords of a number of accounts after the company noticed unauthorized access. The hackers used credentials leaked online after the numerous data breaches suffered […]
Developers often ignore that they are exposing sensitive data when they publish code containing their Slack access tokens on GitHub. It was the year 2015, the month of March when Slack officially posted the following statement on their corporate blog: âthere was unauthorized access to a Slack database storing user profile information. We have since […]
GitHubhit by another major DDoS attack to because Chinese developers have been forced by police to remove projects of tools to circumvent “Great Firewall.” The software collaboration site GitHub was hit by another DDoS on Tuesday morning that made the website unavailable to many users for several hours. The GitHub platform already suffered a major DDoS attack in March, in that […]
Security experts Ben Cox explained that the official Github repositories of the UK Government, Spotify, and Python were accessed using compromised SSH keys. Ben Cox, engineer at CloudFlare revealed that the official Github repositories of the UK Government, Spotify, and Python were accessed by using legitimate SSH keys. It seems that the keys were compromised […]
A security researcher discovered a couple of security issues on GitHub platform explaining how it is possible to exploit them in real attack scenarios. The researcher David Sopas (@dsopas) from Websegura discovered a couple of security issues in the coding website GitHub that were ranked by the company as minor, but that could expose users to cyber attacks. […]
The Chinese Government is suspected for the large-scale distributed denial of service (DDoS) attack that hit the popular GitHub website. The popular coding website Github suffered a large-scale distributed denial of service (DDoS) attack that lasted more than 24 hours starting from Thursday night. The attack exploited the redirection of users who were connecting to many other websites on the […]