Browsing tag: GitHub

Critical GitHub Vulnerability Exposes 4,000+ Repositories to Repojacking Attack

A new vulnerability disclosed in GitHub could have exposed thousands of repositories at risk of repojacking attacks, new findings show. The flaw “could allow an attacker to exploit a race condition within GitHub’s repository creation and username renaming operations,” Checkmarx security researcher Elad Rapoport said in a technical report shared with The Hacker News. “Successful […]

Lazarus Group Adds Linux Malware to Arsenal in Operation Dream Job

The notorious North Korea-aligned state-sponsored actor known as the Lazarus Group has been attributed to a new campaign aimed at Linux users. The attacks are part of a persistent and long-running activity tracked under the name Operation Dream Job, ESET said in a new report published today. The findings are crucial, not least because it […]

Hackers Can Abuse Legitimate GitHub Codespaces Feature to Deliver Malware

New research has found that it is possible for threat actors to abuse a legitimate feature in GitHub Codespaces to deliver malware to victim systems. GitHub Codespaces is a cloud-based configurable development environment that allows users to debug, maintain, and commit changes to a given codebase from a web browser or via an integration in […]

Hackers Breach Okta’s GitHub Repositories, Steal Source Code

Okta, a company that provides identity and access management services, disclosed on Wednesday that some of its source code repositories were accessed in an unauthorized manner earlier this month. “There is no impact to any customers, including any HIPAA, FedRAMP, or DoD customers,” the company said in a public statement. “No action is required by […]

Experts Find URLScan Security Scanner Inadvertently Leaks Sensitive URLs and Data

Security researchers are warning of “a trove of sensitive information” leaking through urlscan.io, a website scanner for suspicious and malicious URLs. “Sensitive URLs to shared documents, password reset pages, team invites, payment invoices and more are publicly listed and searchable,” Positive Security co-founder, Fabian Bräunlein, said in a report published on November 2, 2022. The […]

GitHub Repojacking Bug Could’ve Allowed Attackers to Takeover Other Users’ Repositories

Cloud-based repository hosting service GitHub has addressed a high-severity security flaw that could have been exploited to create malicious repositories and mount supply chain attacks. The RepoJacking technique, disclosed by Checkmarx, entails a bypass of a protection mechanism called popular repository namespace retirement, which aims to prevent developers from pulling unsafe repositories with the same […]

GitHub Dependabot Now Alerts Developers On Vulnerable GitHub Actions

Cloud-based code hosting platform GitHub has announced that it will now start sending Dependabot alerts for vulnerable GitHub Actions to help developers fix security issues in CI/CD workflows. “When a security vulnerability is reported in an action, our team of security researchers will create an advisory to document the vulnerability, which will trigger an alert […]
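The Dependabot advisory above, and the repojacking items elsewhere on this page, both come down to how a workflow names the action it runs: a `uses:` reference such as `owner/action@v1` resolves a mutable tag (or branch) at run time, whereas a 40-character commit SHA does not move. The following is an added example, not code from GitHub or from any project mentioned on this page; it is a minimal checker that walks a workflow file and flags every `uses:` reference that is not pinned to a full commit SHA. The sample workflow is constructed for the example, and the regex-based line matching (used instead of a YAML library so the script runs with only the standard library) is an assumption that may miss unusual YAML layouts.

```python
import re

# Constructed sample workflow (not taken from any real repository).
SAMPLE_WORKFLOW = """\
name: ci
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0
      - uses: ./.github/actions/local-thing
      - uses: docker://alpine:3.19
      - uses: some-org/some-action@main
      - run: pytest
"""

# Matches "uses: <ref>" whether or not it opens a list item; stops at a
# trailing comment or whitespace so "sha # v5.0.0" yields only the sha ref.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^'\"#\s]+)")
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def audit_uses(workflow_text):
    """Return [(line_no, ref, verdict)] for every `uses:` line.

    verdict is one of:
      'pinned'    - owner/repo@<40-hex commit sha>
      'mutable'   - owner/repo@<tag or branch>, can be retargeted upstream
      'local'     - ./path inside the same repository
      'docker'    - docker:// image reference (pin by digest separately)
      'malformed' - no @ref at all
    """
    findings = []
    for n, line in enumerate(workflow_text.splitlines(), 1):
        m = USES_RE.match(line)
        if not m:
            continue
        ref = m.group(1)
        if ref.startswith("./"):
            findings.append((n, ref, "local"))
        elif ref.startswith("docker://"):
            findings.append((n, ref, "docker"))
        elif "@" not in ref:
            findings.append((n, ref, "malformed"))
        else:
            _action, version = ref.rsplit("@", 1)
            verdict = "pinned" if FULL_SHA_RE.match(version) else "mutable"
            findings.append((n, ref, verdict))
    return findings


def mutable_refs(workflow_text):
    """Just the references a reviewer would ask to have pinned."""
    return [ref for _, ref, v in audit_uses(workflow_text) if v == "mutable"]


if __name__ == "__main__":
    for line_no, ref, verdict in audit_uses(SAMPLE_WORKFLOW):
        print(f"line {line_no:3d}  {verdict:9s}  {ref}")
```

Pinning to a SHA stops a moved tag from changing what runs, but it also stops you from picking up fixes automatically, which is exactly the gap the Dependabot alerts for actions are meant to close: pin, then let the bot propose SHA bumps.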

Unpatched Travis CI API Bug Exposes Thousands of Secret User Access Tokens

An unpatched security issue in the Travis CI API has left tens of thousands of developers’ user tokens exposed to potential attacks, effectively allowing threat actors to breach cloud infrastructures, make unauthorized code changes, and initiate supply chain attacks. “More than 770 million logs of free tier users are available, from which you can easily […]

Chinese “Override Panda” Hackers Resurface With New Espionage Attacks

A Chinese state-sponsored espionage group known as Override Panda has resurfaced in recent weeks with a new phishing attack with the goal of stealing sensitive information. “The Chinese APT used a spear-phishing email to deliver a beacon of a Red Team framework known as ‘Viper,’” Cluster25 said in a report published last week. “The target […]

GitHub Notifies Victims Whose Private Data Was Accessed Using OAuth Tokens

GitHub on Monday noted that it had notified all victims of an attack campaign, which involved an unauthorized party downloading private repository contents by taking advantage of third-party OAuth user tokens maintained by Heroku and Travis CI. “Customers should also continue to monitor Heroku and Travis CI for updates on their own investigations into the […]

GitHub Says Hackers Breached Dozens of Organizations Using Stolen OAuth Access Tokens

Cloud-based repository hosting service GitHub on Friday revealed that it discovered evidence of an unnamed adversary using stolen OAuth user tokens to download private data from several organizations without authorization. “An attacker abused stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI, to download data from dozens of organizations, including NPM,” […]

CISA warns of trojanized versions of JavaScript library’s NPM package

The warning comes days after three rogue packages (okhsa, klow, and klown), discovered by DevSecOps firm Sonatype, were removed from the NPM repository. On Friday, the US Cybersecurity and Infrastructure Security Agency (CISA) released a warning disclosing an incident related to the GitHub Advisory Database. According to CISA, crypto-mining malware was hidden in a popular […]

How can you protect your personal, sensitive data online?

If you are reading this and worrying about your personal data, or about secrets you may have committed, you may have bigger problems than you can solve on your own. The secrets discussed here are the ones that end up in GitHub repositories: API keys, usernames, passwords, and other sensitive information stored in those environments. Thankfully, there are solutions. Here […]

GitHub Updates Policy to Remove Exploit Code When Used in Active Attacks

Code-hosting platform GitHub Friday officially announced a series of updates to the site’s policies that delve into how the company deals with malware and exploit code uploaded to its service. “We explicitly permit dual-use security technologies and content related to research into vulnerabilities, malware, and exploits,” the Microsoft-owned company said. “We understand that many security […]

GitHub Will Now Support Security Keys for SSH Git Operations

Around two years ago, North Carolina State University researchers discovered [PDF] that over 100,000 GitHub repositories had leaked cryptographic (TLS and SSH) keys and API tokens. The researchers found this by scanning only 13% of GitHub's public repositories over six months, and observed thousands of new repositories leaking secrets almost daily. GitHub Announces […]

Facebook ads used in spreading Facebook Messenger phishing scam

So far, Facebook Messenger users in 80 countries have been targeted by this phishing scam, reports Group-IB. The Singapore-based cybersecurity firm Group-IB has released a new report providing details of a new phishing campaign affecting users in over 80 countries. The ‘global threat hunting and adversary-centric cyber intelligence agency’ revealed in its report that threat actors are […]

Git-Wild-Hunt – A Tool To Hunt For Credentials In Github Wild AKA Git*Hunt

A tool to hunt for credentials in the GitHub wild, AKA git*hunt.

Getting started:
  Install the tool
  Configure your GitHub token
  Search for credentials
  See results: cat results.json | jq

Installation requirements: virtualenv, python3

  git clone https://github.com/d1vious/git-wild-hunt && cd git-wild-hunt   (clone project and cd into the project dir)
  pip install virtualenv && virtualenv -p […]
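The git-wild-hunt entry above, the NCSU leaked-key study, the Travis CI log exposure and the "protect your secrets" item all rest on the same mechanic: secrets have recognisable shapes, and a scanner over repository contents or CI logs can pick them out. The following is an added example, not code from git-wild-hunt or from any tool mentioned on this page; it is a small stand-alone scanner that combines fixed-format patterns (AWS access key IDs, GitHub personal access tokens, PEM private-key headers) with a Shannon-entropy filter for generic `key=value` assignments so that placeholders are not reported. The sample lines are constructed for the example (the AWS key ID is the placeholder value AWS uses in its own documentation); the 3.5 bits-per-character threshold is an assumption to tune against your own corpus.

```python
import math
import re

# Constructed sample input (not real leaked data): the sort of lines a
# credential hunt over repositories or CI build logs turns up.
SAMPLE_LINES = [
    'AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE',
    'export GITHUB_TOKEN=ghp_A1b2C3d4E5f6G7h8I9j0K1l2M3n4O5p6Q7r8',
    '-----BEGIN RSA PRIVATE KEY-----',
    'DB_PASSWORD = "q8Zt4vR2mN7pLk1sXc9wBh3y"',
    'token = "xxxxxxxxxxxxxxxxxxxxxxxx"',   # placeholder, should not fire
    'print("hello world")',
]

# Service-specific token formats have fixed prefixes and lengths, so they
# can be matched exactly without any entropy heuristic.
SPECIFIC_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github_pat": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    "private_key": re.compile(r"-----BEGIN (?:RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----"),
}

# Anything assigned to a secret-looking variable name is a candidate; the
# entropy check separates random key material from "changeme"-style values.
GENERIC_ASSIGN = re.compile(
    r"(?i)(?:api[_-]?key|secret|token|password|passwd)\s*[=:]\s*['\"]?([A-Za-z0-9_\-/+=]{16,})"
)
ENTROPY_THRESHOLD = 3.5  # bits per character; assumption, tune per corpus


def shannon_entropy(s):
    """Bits per character, estimated from the string's own symbol frequencies."""
    if not s:
        return 0.0
    counts = {}
    for ch in s:
        counts[ch] = counts.get(ch, 0) + 1
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def scan_lines(lines):
    """Return [(line_no, kind, matched_text)] for every suspected secret."""
    findings = []
    for n, line in enumerate(lines, 1):
        hit = False
        for kind, pat in SPECIFIC_PATTERNS.items():
            for m in pat.finditer(line):
                findings.append((n, kind, m.group(0)))
                hit = True
        if hit:
            continue  # do not double-report a PAT as a generic assignment too
        m = GENERIC_ASSIGN.search(line)
        if m and shannon_entropy(m.group(1)) >= ENTROPY_THRESHOLD:
            findings.append((n, "high_entropy_assignment", m.group(1)))
    return findings


if __name__ == "__main__":
    for line_no, kind, text in scan_lines(SAMPLE_LINES):
        print(f"line {line_no}: {kind}: {text[:8]}...")
```

Run against a checkout (or a downloaded build log), this gives you the same signal the tools above give, but offline and without a GitHub token; the fixed-format patterns have essentially no false positives, while the entropy rule trades some noise for coverage of credentials that have no distinctive prefix.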

GitHub Announces Blocking Google’s FLoC

In its latest blog post, the code hosting platform GitHub has announced that it is adding the HTTP response header “Permissions-Policy: interest-cohort=()” to github.com and github.io, a move that blocks Google’s FLoC. FLoC will be blocked on any webpage or website hosted on these two domains. However, GitHub didn’t […]
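The header GitHub added is a Permissions-Policy directive whose allowlist is empty, which is what disables the feature for every origin; a non-empty allowlist or `*` would still permit it. The following is an added example, not GitHub's code, showing how to parse a Permissions-Policy value into per-feature allowlists and decide whether a response actually opts out of FLoC. The sample header sets are constructed for the example; treating a bare feature name with no `=` as permissive is an assumption of this parser.

```python
# Constructed sample responses (not captured from github.com): one with the
# opt-out header, one without it, one with several features, and one whose
# non-empty allowlist still permits interest-cohort.
SAMPLE_RESPONSES = {
    "opted_out": {"Permissions-Policy": "interest-cohort=()"},
    "missing": {"Content-Type": "text/html"},
    "multi": {"Permissions-Policy": "geolocation=(self), interest-cohort=(), camera=*"},
    "allowed": {"Permissions-Policy": 'interest-cohort=(self "https://example.com")'},
}


def parse_permissions_policy(value):
    """Parse a Permissions-Policy header value into {feature: allowlist}.

    allowlist is a list of origin tokens, or ['*'] for the wildcard; an
    empty list means the feature is disabled for every origin.
    """
    policy = {}
    for item in value.split(","):
        item = item.strip()
        if not item:
            continue
        name, sep, allow = item.partition("=")
        name = name.strip().lower()
        allow = allow.strip()
        if not sep or allow == "*":
            policy[name] = ["*"]  # assumption: bare name treated as permissive
        elif allow.startswith("(") and allow.endswith(")"):
            policy[name] = allow[1:-1].split()
        else:
            policy[name] = [allow]
    return policy


def floc_blocked(headers):
    """True only if the response carries interest-cohort with an empty allowlist."""
    for name, value in headers.items():
        if name.lower() == "permissions-policy":
            return parse_permissions_policy(value).get("interest-cohort") == []
    return False  # no header at all means the browser default applies


if __name__ == "__main__":
    for label, headers in SAMPLE_RESPONSES.items():
        print(f"{label:10s} FLoC blocked: {floc_blocked(headers)}")
```

To check a live site you would feed the response headers from your HTTP client into `floc_blocked`; the point of the empty-allowlist test is that a policy merely mentioning interest-cohort is not the same as disabling it.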

Database with 1.2 billion people’s data leaked online without password

The database was available for anyone to access without a password. Recently on October 16, 2019, a team of two dark web researchers named Bob Diachenko and Vinny Troia discovered a database containing a massive trove of personal records of more than 1.2 billion people. While they were looking for exposures through BinaryEdge and Shodan, they stumbled […]

GitHub’s New ‘Security Lab’ Will Help Devs Fix Bugs In Open Source Projects

At the ongoing GitHub Universe event, COO Erica Brescia unveiled a series of announcements focused on securing the open-source code. The major highlights include the launch of a new community program Security Lab that will help developers and security researchers from different organizations to spot and fix bugs in open-source software. The founding members of this […]

The Top & Fastest Growing Open Source Projects On GitHub In 2019

Like every year, GitHub has released its annual Octoverse 2019 report where it highlights the major changes and trends in the developer community. As far as programming languages are concerned, Python has outranked Java as the second most popular language on GitHub. Meanwhile, Dart was named the fastest-growing programming language on the platform. Top 10 […]