Tuesday, April 1, 2025

GitHub

Triton RAT Uses Telegram for Remote System Access and Control

Cado Security Labs has uncovered a new Python-based Remote Access Tool (RAT) named Triton RAT, which leverages Telegram for remote system access and data exfiltration. This open-source malware, available...

SHELBY Malware Steals Data by Abusing GitHub as Command-and-Control Server

Elastic Security Labs has uncovered a sophisticated malware campaign, dubbed REF8685, targeting the Iraqi telecommunications sector. The campaign utilizes a novel malware family called...

CodeQLEAKED: GitHub Supply Chain Attack Enables Code Execution via CodeQL Repositories

A recent discovery has revealed a potential supply chain attack vulnerability in GitHub's CodeQL repositories, which could have led to wide-ranging consequences for hundreds...

Beware Developers – Fake Coding Challenges Will Deploy FogDoor on Your System

Researchers have discovered a sophisticated malware operation that poses as a fake coding challenge and targets Polish-speaking professionals. This campaign, known as "FizzBuzz to FogDoor,"...

Albabat Ransomware Targets Windows, Linux, and macOS via GitHub Abuse

Recent research by Trend Micro has uncovered a significant evolution in the Albabat ransomware, which now targets not only Windows but also Linux and...

North Korean IT Workers Exploit GitHub to Launch Global Cyberattacks

A recent investigation by cybersecurity firm Nisos has uncovered a coordinated effort by North Korean IT workers to exploit GitHub for creating fake personas,...

CISA Warns of Supply-Chain Attack Exploiting GitHub Action Vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm over a critical supply-chain attack affecting a widely used third-party GitHub Action: tj-actions/changed-files. This...

Supply Chain Attack Targets 23,000 GitHub Repositories

A critical security incident has been uncovered involving the popular GitHub Action tj-actions/changed-files, which is used in over 23,000 repositories. The attack involves a...

Blind Eagle Hackers Exploit Google Drive, Dropbox & GitHub to Evade Security Measures

In a recent cyber campaign, the notorious threat actor group Blind Eagle, also known as APT-C-36, has been leveraging trusted cloud platforms like Google...

Apache Camel RCE Vulnerability PoC Exploit Released in GitHub

A Proof of Concept (PoC) exploit for the Apache Camel vulnerability CVE-2025-27636 has been released on GitHub. This vulnerability affects Apache Camel versions 4.10.0-4.10.1,...

Microsoft Warns: 1 Million Devices Infected by Malware from GitHub

In a recent alert, Microsoft revealed a large-scale malvertising campaign that has compromised nearly one million devices worldwide. This campaign, which began in early...