Tag: github

GitHub comments abused to push malware via Microsoft repo URLs
News

GitHub comments abused to push malware via Microsoft repo URLs

Threat actors are using a GitHub bug, or perhaps a design choice, to spread malware via URLs linked to a Microsoft repository, giving the files the appearance of being reliable. Threat actors could utilize this "flaw" to generate very convincing lures using any public repository on GitHub, even though the majority of malware activity has been focused on Microsoft GitHub URLs. A new LUA malware loader was discovered by McAfee yesterday, and it was made available via what looked to be an authentic Microsoft GitHub repository for the "C++ Library Manager for Windows, Linux, and MacOS," or vcpkg. Although the malware installers' URLs, which are displayed below, unmistakably point to the Microsoft repository, we were unable to locate any mention of the files in the project's source co...
Hackers Using Cracked Software on GitHub to Spread RisePro Info Stealer
News

Hackers Using Cracked Software on GitHub to Spread RisePro Info Stealer

Researchers studying cybersecurity have discovered several GitHub repositories with cracked software that distributes an information-stealing program known as RisePro. According to G DATA, the gitgub campaign consists of 17 repositories linked to 11 distinct identities. The Microsoft-owned business has since removed the aforementioned repositories. The README.md file in the repositories appears to be similar, and it offers free cracked software, according to the German cybersecurity business. On Github, circles in the colors green and red are frequently used to indicate the status of automated builds. Four green Unicode circles that appear to show a status along with the current date and give the impression of validity and recentness were inserted by Gitgub threat actors to their...
GitHub Rolls Out Default Secret Scanning Push Protection for Public Repositories
News

GitHub Rolls Out Default Secret Scanning Push Protection for Public Repositories

On Thursday, GitHub declared that all pushes to public repositories will now automatically enable secret scanning push protection. This implies that you will be able to either remove a supported secret from your commits or, if you think the secret is secure, skip the block, whenever a supported secret is found in any push to a public repository. remarked Courtney Claessens and Eric Tooley. Although push protection has been in testing since April 2022, it was first introduced as an opt-in feature in August 2023. May 2023 marked the general release of the product. To stop fraudulent use of tokens by bad actors, the secret scanning tool is designed read more GitHub Rolls Out Default Secret Scanning Push Protection for Public Repositories. Get up to date on the latest cybersecurit...
EleKtra-Leak Cryptojacking Attacks Exploit AWS IAM Credentials Exposed on GitHub
News

EleKtra-Leak Cryptojacking Attacks Exploit AWS IAM Credentials Exposed on GitHub

In an attempt to aid cryptojacking activities, a new continuing campaign known as EleKtra-Leak has focused on exposed identity and access management (IAM) credentials from Amazon Web Services (AWS) inside open GitHub projects. Researchers William Gamazo and Nathaniel Quist of Palo Alto Networks Unit 42 said in a technical report shared with The Hacker News that "as a result of this, the threat actor associated with the campaign was able to create multiple AWS Elastic Compute (EC2) instances that they used for wide-ranging and long-lasting cryptojacking operations." Operating since December 2020 at the latest, the operation's goal is to mine Monero from up to 474 distinct Amazon EC2 instances between read more EleKtra-Leak Cryptojacking Attacks Exploit AWS IAM Credentials Exposed on ...
Malicious Actors Exploit GitHub to Distribute Fake Exploits
News

Malicious Actors Exploit GitHub to Distribute Fake Exploits

There have been a number of fraudulent GitHub repositories identified that pretend to be real security research initiatives. According to a new advisory released today by VulnCheck researcher Jacob Baines, the repositories assert to have exploits for well-known companies including Chrome, Exchange, and Discord. "VulnCheck discovered a fraudulent GitHub repository that claimed to be a Signal 0-day in early May. When the team informed GitHub about the repository, it was promptly deleted read more Malicious Actors Exploit GitHub to Distribute Fake Exploits. Stay one step ahead of cyber threats with ReconBee.com. Explore our comprehensive coverage of recent cyber attacks, cybersecurity awareness, and the latest cybersecurity news to safeguard your digital world.
Twitter source code leaked via GitHub
News

Twitter source code leaked via GitHub

According to a DMCA takedown notice, a portion of the source code for the social media website Twitter was exposed via the source code repository GitHub. According to the DMCA filing, the stolen information contained "proprietary source code for Twitter's platform and internal tools." The code was deleted after the DMCA request. A person going by the screen moniker "FreeSpeechEnthusiast" leaked the source code. Although it is unknown how long the source code was accessible, the account has been in use at least since January 2023 read more Twitter source code leaked via GitHub. With ReconBee.com Stay ahead of the latest threats with in-depth coverage of cyber attacks and cybersecurity trends, and the latest cybersecurity news.
GitHub Updates Security Protocol For Operations Over SSH
News

GitHub Updates Security Protocol For Operations Over SSH

After learning the key was briefly exposed in a public repository, the repository hosting provider GitHub announced it is replacing its current RSA SSH host key with a new one as a precaution. In a post earlier today, GitHub stated, "We quickly took action to control the exposure and started investigating to identify the core cause and consequences." The key replacement is now complete, and users will notice the change over the following 30 minutes. The company stated that the modification was made in order to safeguard customers' Git operations over SSH, especially from potential threat actors seeking to pose as GitHub read more GitHub Updates Security Protocol For Operations Over SSH. Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our...
GitHub releases blueprint for budding open source program offices
News

GitHub releases blueprint for budding open source program offices

GitHub has made available internal instructions and tools for setting up an open-source program office (OSPO). Aimed at companies creating their first OSPO, the new GitHub-OSPO repository on GitHub (where else?) contains everything from regulations governing contributor license agreements (CLA) to instructions on archiving repositories. Helping small-scale open-source projects develop into something more significant and organized is essentially what it's all about read more GitHub releases blueprint for budding open source program offices. Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage of the latest threats, breaches, and solutions.
Hackers Breach Okta’s GitHub Repositories, Steal Source Code
Business, Risk, Security

Hackers Breach Okta’s GitHub Repositories, Steal Source Code

The identity and access management service provider Okta said on Wednesday that several of its source code repositories had been improperly accessed earlier this month. According to the firm, "There is no impact to any clients, including any HIPAA, FedRAMP, or DoD customers." Customers are not compelled to take any action. Unknown threat actors gained access to the code repositories for the Okta Workforce Identity Cloud (WIC), which are housed on GitHub, according to the security incident, which was initially reported by Bleeping Computer. The source code was subsequently copied by abusing the access read the complete article Hackers Breach Okta's GitHub Repositories, Steal Source Code.