cyber security
CrazyHunter Hacker Group Exploits Open-Source GitHub Tools to Target Organizations
A relatively new ransomware outfit known as CrazyHunter has emerged as a significant threat, particularly targeting Taiwanese organizations.
The group, which started its operations in the healthcare, education, and...
APT
APT32 Turns GitHub into a Weapon Against Security Teams and Enterprise Networks
Southeast Asian Advanced Persistent Threat (APT) group OceanLotus, also known as APT32, has been identified as employing GitHub to conduct a sophisticated poison attack...
Cyber Security News
Massive GitHub Leak: 39M API Keys & Credentials Exposed – How to Strengthen Security
Over 39 million API keys, credentials, and other sensitive secrets were exposed on GitHub in 2024, raising considerable alarm within the developer community and...
cyber security
Prince Ransomware – An Automated Open-Source Ransomware Builder Freely Available on GitHub
The cybersecurity landscape has witnessed a concerning development with the emergence of "Prince Ransomware," an open-source ransomware builder that was freely accessible on GitHub...
cyber security
Triton RAT Uses Telegram for Remote System Access and Control
Cado Security Labs has uncovered a new Python-based Remote Access Tool (RAT) named Triton RAT, which leverages Telegram for remote system access and data...
cyber security
SHELBY Malware Steals Data by Abusing GitHub as Command-and-Control Server
Elastic Security Labs has uncovered a sophisticated malware campaign, dubbed REF8685, targeting the Iraqi telecommunications sector.
The campaign utilizes a novel malware family called...
Cyber Security News
CodeQLEAKED: GitHub Supply Chain Attack Enables Code Execution via CodeQL Repositories
A recent discovery has revealed a potential supply chain attack vulnerability in GitHub's CodeQL repositories, which could have led to wide-ranging consequences for hundreds...
cyber security
Beware Developers – Fake Coding Challenges Will Deploy FogDoor on Your System
Researchers has discovered a sophisticated malware operation that poses as a fake coding challenge and targets Polish-speaking professionals.
This campaign, known as "FizzBuzz to FogDoor,"...
cyber security
Albabat Ransomware Targets Windows, Linux, and macOS via GitHub Abuse
Recent research by Trend Micro has uncovered a significant evolution in the Albabat ransomware, which now targets not only Windows but also Linux and...
Cyber Attack
North Korean IT Workers Exploit GitHub to Launch Global Cyberattacks
A recent investigation by cybersecurity firm Nisos has uncovered a coordinated effort by North Korean IT workers to exploit GitHub for creating fake personas,...
CVE/vulnerability
CISA Warns of Supply-Chain Attack Exploiting GitHub Action Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm over a critical supply-chain attack affecting a widely used third-party GitHub Action: tj-actions/changed-files.
This...