Serverless Phishing Kit on GitHub Targets Mexican Banks
GitBait phishing kit abuses GitHub Pages and the SheetBest API to steal Mexican banking credentials
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
GitBait phishing kit abuses GitHub Pages and the SheetBest API to steal Mexican banking credentials
New variants of the NFCShare Android malware are being distributed as fake updates for legitimate banking apps hosted on GitHub. [...]
Cybersecurity researchers are calling attention to a new campaign that delivers the Astaroth banking trojan that employs GitHub as a backbone for its operations to stay resilient in the face of infrastructure takedowns
May even have targeted other malware gangs, and infosec researchers Infosec researchers have discovered a network of over three thousand malicious GitHub accounts used to spread malware, targeting groups including gamers, malware researchers, and even other threat actors who themselves seek to spread malware.…
A "multi-faceted campaign" has been observed abusing legitimate services like GitHub and FileZilla to deliver an array of stealer malware and banking trojans such as Atomic (aka AMOS), Vidar, Lumma (aka LummaC2), and Octo by impersonating credible software like 1Password, Bartender 5, and Pixelmator Pro
LofyLife campaign comes amid GitHub security lockdown Cybercriminals continue to use npm packages to drop malicious packages on unsuspecting victims, most recently to steal Discord login tokens, bank card data, and other user information from infected systems.…