Backdoored Malware Reels in Newbie Cybercriminals
Sophos researchers found this operation has similarities or connections to many other campaigns targeting GitHub repositories dating back to August 2022.
Stay informed about the latest Github infosec updates, security breaches, and protection strategies with our comprehensive information security news.
Search across headline titles and summaries.
Background for this topic.
GitHub is a hosted software-development platform built around Git repositories. It supports public and private source-code hosting, change review through pull requests, issue tracking, automated workflows, and package distribution. Its repositories and automation are important security assets because they can contain proprietary code, deployment instructions, credentials, and the components used to build released software.
Material risks include accidentally committing secrets, exposing private repositories through misconfigured permissions, and allowing compromised dependencies or workflow actions to run in trusted build environments. Pull requests from untrusted contributors can also become an execution path when workflows handle them unsafely. Security practice includes least-privilege access, strong authentication, protected branches and required reviews, secret scanning and rapid credential revocation, and auditing workflow permissions. Repository history, dependency metadata, and commit provenance can support vulnerability management and incident investigation, but deleting a leaked secret from the latest file does not remove it from historical commits or existing clones.
Sophos researchers found this operation has similarities or connections to many other campaigns targeting GitHub repositories dating back to August 2022.
Someone went to great lengths to prey on the next generation of cybercrooks Sophos thinks a single person or group called "ischhfd83" is behind more than a hundred backdoored malware variants targeting novice cybercriminals and video game cheaters looking to get their hands on malicious code.…
Researchers have come up with a fix for a path traversal bug first spotted in 2010 A security bug that surfaced fifteen years ago in a public post on GitHub has survived developers' attempts on its life.…
Sophos has uncovered a scheme planting malicious code in 130+ GitHub repositories, targeting hackers and gamers
A hacker targets other hackers, gamers, and researchers with exploits, bots, and game cheats in source code hosted on GitHub that contain hidden backdoors to give the threat actor remote access to infected devices. [...]
CEO of India's KiranaPro, which brings convenience stores online, vows to name the perp The CEO of Indian grocery ordering app KiranaPro has claimed an attacker deleted its GitHub and AWS resources in a targeted and deliberate attack and vowed to name the perpetrator.…
Cybersecurity researchers have discovered a new cryptojacking campaign that's targeting publicly accessible DevOps web servers such as those associated with Docker, Gitea, and HashiCorp Consul and Nomad to illicitly mine cryptocurrencies