Threat actors are abusing GitHub automation features and malicious Visual Studio projects to push a new variant of the "Keyzetsu" clipboard-hijacking malware and steal cryptocurrency payments. The ...
Since the Dependency Graph feature is intertwined with the Security Alerts (Vulnerability Alerts) feature, this also means GitHub users will also be eligible to receive automatic security alerts for ...
Researchers from Cisco’s Talos security team have uncovered a malware-as-a-service operator that used public GitHub accounts as a channel for distributing an assortment of malicious software to ...
GitHub has a ton of open source options for security professionals, with new entries every day. Add these tools to your collection and work smarter. Whether you are a sysadmin, a threat intel analyst, ...
GitHub has a problem with inauthentic "stars" used to artificially inflate the popularity of scam and malware distribution repositories, helping them reach more unsuspecting users. Stars are similar ...
Researchers have uncovered an attack vector that affected GitHub open source projects owned by Google, Microsoft, Amazon Web Services, and others, executed by abusing artifacts generated as part of ...
On November 24, a new wave of the Shai-Hulud supply chain attack emerged. The threat actors exfiltrate stolen credentials ...
GitHub has been continuously hammered for three days by a DDoS attack aimed at anti-censorship GreatFire and CN-NYTimes projects. According to tweeted GitHub status messages, GitHub has been the ...
Sysdig exposed how a trusted GitHub feature can silently hand control to attackers pull_request_target isn’t just risky, it’s a loaded weapon in the wrong hands Even top-tier security projects like ...
Results that may be inaccessible to you are currently showing.
Hide inaccessible results
Feedback