Browsing Tag
GitHub
39 posts
GitHub Reports Code-Signing Certificate Theft in Security Breach
GitHub states that hackers gained access to its code repositories and stole code-signing certificates for two of its desktop apps: Desktop and Atom.
February 1, 2023
GitHub Disables Pages of Pro-Russia DDoS Group NoName057(16)
NoName057(16) is a group that has been targeting NATO and Czech presidential election candidates' websites recently.
January 16, 2023
GitHub Attack Allowed Attackers to Steal Okta’s Source Code
Okta has, however, confirmed that attackers couldn’t access its customer data or services. Authentication giant Okta has suffered…
December 21, 2022
GitHub Abused to Distribute Malicious Packages on PyPI in Image Files
Threat actors are using steganography to hide malicious code in images.
November 10, 2022
GitHub fixes critical vulnerability that exposed repositories to attackers
The vulnerability allowed attackers to take control of GitHub repositories and infect codes and apps with malware.
October 28, 2022
US Blacklists Tornado Cash, GitHub Removes Co-Founder in Response
The US Treasury Department has blacklisted Tornado Cash on the accusation that the platform helped bad actors harvest…
August 9, 2022
Thousands of GitHub Repositories Cloned in Supply Chain Attack
This hasn’t been a great week for the crypto community. On Monday, the Nomad bridge got exploited and…
August 4, 2022
Hackers can spoof commit metadata to create false GitHub repositories
Checkmarx security researchers have warned about an emerging new supply chain attack tactic involving spoofed metadata commits to present malicious…
July 17, 2022
GitHub: Hackers Stole OAuth Access Tokens to Target Dozens of Firms
GitHub has revealed that attackers have abused OAuth user tokens issued to Heroku and Travis-CI, popular third-party OAuth…
April 16, 2022
CISA warns of trojanized versions of JavaScript library’s NPM package
The warning comes days after three rogue packages, okhsa, klow, and klown discovered by DevSecOps firm Sonatype, were removed from the NPM repository.
October 23, 2021