Threat Actors Weaponize GitHub Accounts to Distribute Payloads, Tools, and Amadey Malware Plugins
Cisco Talos' thorough investigation reveals a sophisticated Malware-as-a-Service (MaaS) operation that uses GitHub as an open directory to distribute malicious payloads, tools, and Amadey...
Hackers Abuse GitHub to Spread Malware Posing as VPN Software
Researchers at CYFIRMA have discovered an ongoing malware campaign that uses GitHub, one of the most reliable code repositories on the internet, as a...
North Korean Hackers Exploit GitHub Infrastructure for Malware Delivery
A sophisticated threat campaign leveraging GitHub’s infrastructure has been attributed to the North Korean state-backed threat group Kimsuky (aka APT43).
Security analysts have uncovered...
Threat Actor Exploits GitHub, Hosts 60 Repositories Containing Hundreds of Malware Samples
A recent campaign uncovered by ReversingLabs threat researchers highlights a worrying escalation in the tactics used to compromise the open-source software ecosystem.
At least...
GitHub Actions in Open Source Projects Found to Contain Critical Vulnerabilities, Warn MITRE and Splunk
A recent investigation has uncovered critical security vulnerabilities in GitHub Actions workflows used by several major open source projects, including those maintained by MITRE...
