Trojanized jQuery Packages Found on npm, GitHub, and jsDelivr Code Repositories

July 9, 2024 at 01:07AM

Unknown threat actors have propagated trojanized versions of jQuery on npm, GitHub, and jsDelivr in a “complex and persistent” supply chain attack. Approximately 68 packages were linked to the campaign, exhibiting high variability and clever hiding techniques. The attacker introduced malicious changes in the “end” function, enabling the exfiltration of …

New York Times warns freelancers of GitHub repo data breach

June 13, 2024 at 03:59PM

The New York Times notified contributors of a data breach on its GitHub repositories, leading to the exposure of personal information, including names, phone numbers, and email addresses. A 273GB torrent file containing stolen data was leaked, raising concerns about potential misuse of personal information. Affected individuals were advised to …

Gitloker attacks abuse GitHub notifications to push malicious OAuth apps

June 10, 2024 at 06:25PM

Threat actors are impersonating GitHub’s teams in phishing attacks, aiming to hijack repositories using malicious OAuth apps. These attackers have been targeting developers with fake job offers or security alerts via phishing emails and redirecting them to fake GitHub landing pages, leading to compromised accounts and wiped repositories. GitHub advises …

New Gitloker attacks wipe GitHub repos in extortion scheme

June 6, 2024 at 01:57PM

Hackers are targeting GitHub repositories, wiping content, and directing victims to Telegram. This follows an ongoing campaign spotted by security researcher Germán Fernández. The threat actor, Gitloker, claims to back up and secure data but demands victims reach out on Telegram. GitHub advises users to strengthen security measures and monitor …

Critical Authentication Bypass Resolved in GitHub Enterprise Server

May 22, 2024 at 09:03AM

GitHub has released patches for a critical-severity vulnerability in Enterprise Server, impacting instances using SAML SSO authentication and encrypted assertions. The CVE-2024-4985 vulnerability allows unauthorized access to administrative privileges. GitHub advises updating to patched releases 3.9.15, 3.10.12, 3.11.10, or 3.12.4 to mitigate the risk. Users are urged to prioritize implementing …

GitHub Enterprise Server patches 10-outta-10 critical hole

May 22, 2024 at 03:35AM

GitHub patched a critical security flaw in its Enterprise Server software with the release of version 3.13.0, impacting instances using SAML SSO authentication. The bug, CVE-2024-4985, allows attackers to gain admin privileges when encrypted assertions are enabled. Microsoft-owned GitHub learned about the flaw through its bug bounty program, rewarding the …

GitHub warns of SAML auth bypass flaw in Enterprise Server

May 21, 2024 at 11:07AM

GitHub has patched a critical authentication bypass vulnerability (CVE-2024-4986) in GitHub Enterprise Server (GHES) instances using SAML single sign-on (SSO), allowing attackers to gain admin privileges and unrestricted access to instance contents. The flaw only affects instances using SAML SSO with encrypted assertions. The fixed versions, released on May 20, …

Hackers Create Legit Phishing Links With Ghost GitHub, GitLab Comments

April 23, 2024 at 03:52PM

Hackers are exploiting unpublished GitHub and GitLab comments to create convincing phishing links from legitimate open source software projects. They secretly add malware to a repository and obtain a shareable link, even if the comment is deleted. This flaw affects millions of users and can damage the credibility of the …

Threat Actors Manipulate GitHub Search to Deliver Malware

April 12, 2024 at 07:36AM

GitHub search results are being manipulated by threat actors to infect developers with persistent malware, Checkmarx warns. Attackers create malicious repositories with popular names and boost their search rankings using automated updates and fake stars. Unsuspecting users are lured to these repositories, unaware of the hidden dangers. Checkmarx stresses the …

Malicious Visual Studio projects on GitHub push Keyzetsu malware

April 10, 2024 at 10:21AM

Threat actors are exploiting GitHub automation features to distribute a variant of the “Keyzetsu” clipboard-hijacking malware via fake repositories named after popular topics. They use GitHub Actions to boost rankings and create fake accounts to add false popularity. The malware, hidden in Visual Studio projects, aims to steal cryptocurrency payments …