Browsing Tag
GitHub
36 posts
GitHub Abused to Distribute Malicious Packages on PyPI in Image Files
Threat actors are using steganography to hide malicious code in images.
GitHub fixes critical vulnerability that exposed repositories to attackers
The vulnerability allowed attackers to take control of GitHub repositories and infect codes and apps with malware.
US Blacklists Tornado Cash, GitHub Removes Co-Founder in Response
The US Treasury Department has blacklisted Tornado Cash on the accusation that the platform helped bad actors harvest…
Thousands of GitHub Repositories Cloned in Supply Chain Attack
This hasn’t been a great week for the crypto community. On Monday, the Nomad bridge got exploited and…
Hackers can spoof commit metadata to create false GitHub repositories
Checkmarx security researchers have warned about an emerging new supply chain attack tactic involving spoofed metadata commits to present malicious…
GitHub: Hackers Stole OAuth Access Tokens to Target Dozens of Firms
GitHub has revealed that attackers have abused OAuth user tokens issued to Heroku and Travis-CI, popular third-party OAuth…
CISA warns of trojanized versions of JavaScript library’s NPM package
The warning comes days after three rogue packages, okhsa, klow, and klown discovered by DevSecOps firm Sonatype, were removed from the NPM repository.
How can you protect your personal, sensitive data online?
If you are reading this, thinking about your personal data or even secrets, you may have bigger problems than you can solve.
GitHub Will Now Support Security Keys for SSH Git Operations
To prevent account takeover in SSH Git operations, GitHub has now added support for security keys.
GitHub Announces Blocking Google’s FLoC
GitHub has announced that it is adding an HTTP header which is a move that would block Google's FLoC. Here's the code.