Cybersecurity researchers have found a number of GitHub repositories offering cracked software that are used to deliver an information stealer called RisePro....
Facebook messages are being used by threat actors to distribute a Python-based information stealer dubbed Snake that’s designed to capture credentials and...
GitHub on Thursday announced that it’s enabling secret scanning push protection by default for all pushes to public repositories. “This means that...
An “intricately designed” remote access trojan (RAT) called Xeno RAT has been made available on GitHub, making it easily accessible to other...
A dormant package available on the Python Package Index (PyPI) repository was updated nearly after two years to propagate an information stealer...
Cybersecurity researchers have identified malicious packages on the open-source Python Package Index (PyPI) repository that deliver an information stealing malware called WhiteSnake...
Several public and popular libraries abandoned but still used in Java and Android applications have been found susceptible to a new software...
GitHub has revealed that it has rotated some keys in response to a security vulnerability that could be potentially exploited to gain...
Threat actors have been observed leveraging a now-patched security flaw in Microsoft Windows to deploy an open-source information stealer called Phemedrone Stealer....
Threat actors are increasingly making use of GitHub for malicious purposes through novel methods, including abusing secret Gists and issuing malicious commands...
Let’s begin with a thought-provoking question: among a credit card number, a social security number, and an Electronic Health Record (EHR), which...
New research has found that over 15,000 Go module repositories on GitHub are vulnerable to an attack called repojacking. “More than 9,000...
A new deceptive campaign has been observed hijacking GitHub accounts and committing malicious code disguised as Dependabot contributions with an aim to...
A new vulnerability disclosed in GitHub could have exposed thousands of repositories at risk of repojacking attacks, new findings show. The flaw...
The notorious North Korea-aligned state-sponsored actor known as the Lazarus Group has been attributed to a new campaign aimed at Linux users....
New research has found that it is possible for threat actors to abuse a legitimate feature in GitHub Codespaces to deliver malware...
Okta, a company that provides identity and access management services, disclosed on Wednesday that some of its source code repositories were accessed...
Security researchers are warning of “a trove of sensitive information” leaking through urlscan.io, a website scanner for suspicious and malicious URLs. “Sensitive...
Cloud-based repository hosting service GitHub has addressed a high-severity security flaw that could have been exploited to create malicious repositories and mount...
Cloud-based code hosting platform GitHub has announced that it will now start sending Dependabot alerts for vulnerable GitHub Actions to help developers...
An unpatched security issue in the Travis CI API has left tens of thousands of developers’ user tokens exposed to potential attacks,...