Cybercriminals are exploiting GitHub to spread credential-stealing malware through fake repositories, cybersecurity firm Kaspersky has warned. The campaign, dubbed “GitVenom,” involves attackers ...

A threat actor known as "Stargazer Goblin" has found a new way to leverage GitHub to distribute malware and malicious links to unsuspecting users. Instead of hosting malware on GitHub and then luring ...

A feature that allows developers to make applications accessible by a public GitHub URL could enable attackers to deliver malware and avoid detection. Attackers could start abusing GitHub Codespaces, ...

WTF?! BlackLotus was first discovered in October 2022, and it has since been described as one of the most complex annd dangerous threats against the secure Windows boot process. The bootkit will ...

Researchers have demonstrated how threat actors can abuse the GitHub Codespaces' port forwarding' feature to host and distribute malware and malicious scripts. GitHub Codespaces allows developers to ...

Kaspersky found that at least one victim lost 5 Bitcoin, worth around $442,000, to a malware-riddled fake project in November. Hackers are creating hundreds of fake GitHub projects aiming to dupe ...

A new report out today from endpoint security firm Morphisec Inc. details a previously undocumented malware family dubbed “PyStoreRAT” that abuses trusted open-source platforms and Windows scripting ...

Kaspersky Global Research & Analysis Team (GReAT) discovered hundreds of open source repositories with multistaged malware targeting gamers and crypto investors within a new campaign that was dubbed ...

The newly discovered malware uses GitHub and Pastebin to house component code, and harbors 12 different initial attack vectors. Researchers have uncovered a new worm targeting Linux based x86 servers, ...

When people hear about a cyber attack or hacking campaign, they may picture a well-oiled machine that's taken time, skills and resources to build. They imagine underground forums on the dark web, ...