Tuesday, April 29, 2025

GitHub

CrazyHunter Hacker Group Exploits Open-Source GitHub Tools to Target Organizations

A relatively new ransomware outfit known as CrazyHunter has emerged as a significant threat, particularly targeting Taiwanese organizations. The group, which started its operations in the healthcare, education, and...

APT32 Turns GitHub into a Weapon Against Security Teams and Enterprise Networks

Southeast Asian Advanced Persistent Threat (APT) group OceanLotus, also known as APT32, has been identified as employing GitHub to conduct a sophisticated poison attack...

Massive GitHub Leak: 39M API Keys & Credentials Exposed – How to Strengthen Security

Over 39 million API keys, credentials, and other sensitive secrets were exposed on GitHub in 2024, raising considerable alarm within the developer community and...

Prince Ransomware – An Automated Open-Source Ransomware Builder Freely Available on GitHub

The cybersecurity landscape has witnessed a concerning development with the emergence of "Prince Ransomware," an open-source ransomware builder that was freely accessible on GitHub...

Triton RAT Uses Telegram for Remote System Access and Control

Cado Security Labs has uncovered a new Python-based Remote Access Tool (RAT) named Triton RAT, which leverages Telegram for remote system access and data...

SHELBY Malware Steals Data by Abusing GitHub as Command-and-Control Server

Elastic Security Labs has uncovered a sophisticated malware campaign, dubbed REF8685, targeting the Iraqi telecommunications sector. The campaign utilizes a novel malware family called...

CodeQLEAKED: GitHub Supply Chain Attack Enables Code Execution via CodeQL Repositories

A recent discovery has revealed a potential supply chain attack vulnerability in GitHub's CodeQL repositories, which could have led to wide-ranging consequences for hundreds...

Beware Developers – Fake Coding Challenges Will Deploy FogDoor on Your System

Researchers has discovered a sophisticated malware operation that poses as a fake coding challenge and targets Polish-speaking professionals. This campaign, known as "FizzBuzz to FogDoor,"...

Albabat Ransomware Targets Windows, Linux, and macOS via GitHub Abuse

Recent research by Trend Micro has uncovered a significant evolution in the Albabat ransomware, which now targets not only Windows but also Linux and...

North Korean IT Workers Exploit GitHub to Launch Global Cyberattacks

A recent investigation by cybersecurity firm Nisos has uncovered a coordinated effort by North Korean IT workers to exploit GitHub for creating fake personas,...

CISA Warns of Supply-Chain Attack Exploiting GitHub Action Vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm over a critical supply-chain attack affecting a widely used third-party GitHub Action: tj-actions/changed-files. This...