AI-Generated npm Malware Leaks Its Own GitHub Token
Sloppy AI-generated npm infostealer leaked its own GitHub token, exposing the operator
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Sloppy AI-generated npm infostealer leaked its own GitHub token, exposing the operator
LNK files use GitHub C2, embedded decoders and PowerShell for persistence and data exfiltration
The Vidar 2.0 infostealers is deployed through fake free game cheats on GitHub and Reddit
New campaign merges traditional malware with DevOps tools, using GitHub CodeSpaces for DDoS attacks
A new malware campaign uses GitHub to deliver payloads via Amadey botnet, bypassing email distribution
Banana Squad exploited GitHub to distribute malicious Python code disguised as legitimate tools
Fake job ads target freelance developers, spreading malware via GitHub
Checkmarx warns of GitHub search result manipulation designed to promote malicious repositories
Secureworks said the malicious code is written in .NET and comprises a dropper and a payload