cyber security
Fake Proxifier GitHub Installer Spreads ClipBanker Crypto Malware
Hackers are abusing a fake Proxifier installer hosted on GitHub to deliver a multi‑stage ClipBanker malware that silently hijacks cryptocurrency transactions from infected systems.
The campaign combines search‑engine poisoning,...
CVE/vulnerability
Hackers Exploit GitHub Copilot Flaw to Exfiltrate Sensitive Data
A high-severity flaw in GitHub Copilot Chat recently allowed attackers to silently steal sensitive data like API keys and private source code.
Tracked as...
cyber security
GitHub, GitLab Abused for Malware and Phishing Campaigns
Hackers are increasingly abusing trusted software development platforms GitHub and GitLab to host malware and credential phishing campaigns, making defensive detection significantly harder for...
cyber security
Claude Code Leak Exploited to Spread Vidar and GhostSocks via GitHub Releases
Hackers are turning the Claude Code source leak into an active malware-delivery channel, using GitHub Releases to push the Vidar stealer and GhostSocks under...
cyber security
GitHub-Backed Malware Spread via LNK Files in South Korea
Hackers are abusing Windows shortcut files and GitHub to run a stealthy, multi‑stage malware campaign against organizations in South Korea.
The operation chains LNK files,...
cyber security
Fake GitHub CI Update Steals Secrets and Tokens
An automated campaign is abusing GitHub’s pull_request_target workflow trigger to steal CI/CD secrets at scale.
The attacker, using the handle ezmtebo, fired off more than 475 malicious pull...
cyber security
North Korea Uses GitHub as C2 in New LNK Phishing Campaign
A new phishing campaign that uses malicious Windows shortcut (LNK) files to target users in South Korea, while abusing GitHub as Command and Control...
AI
AI-Driven ‘OpenClaw Trap’ Campaign Targets Developers and Gamers via Trojanized GitHub Repos
A large-scale malware operation is abusing GitHub to deliver a custom LuaJIT-based trojan to developers, gamers, and everyday users through convincing but trojanized repositories.
The...
Cyber Security News
Aqua Security’s Trivy Scanner Hit by Supply Chain Attack, Threatening Software Integrity
A sophisticated supply chain attack compromised Aqua Security’s popular open-source Trivy vulnerability scanner.
Threat actors successfully distributed malicious code through the project's GitHub Actions,...
cyber security
Open VSX Extension Delivers RAT and Stealer via GitHub Downloader
An Open VSX extension used by thousands of developers has been caught silently pulling a full-featured remote access trojan and infostealer from GitHub.
The...
cyber security
ForceMemo Hijacks GitHub Accounts, Backdoors Python Repos
ForceMemo is an active software supply‑chain campaign hijacking GitHub accounts and silently backdooring Python repositories via force‑pushed commits that look legitimate in the web...