cyber security
Triton RAT Uses Telegram for Remote System Access and Control
Cado Security Labs has uncovered a new Python-based Remote Access Tool (RAT) named Triton RAT, which leverages Telegram for remote system access and data exfiltration.This open-source malware, available...
cyber security
SHELBY Malware Steals Data by Abusing GitHub as Command-and-Control Server
Elastic Security Labs has uncovered a sophisticated malware campaign, dubbed REF8685, targeting the Iraqi telecommunications sector.The campaign utilizes a novel malware family called...
Cyber Security News
CodeQLEAKED: GitHub Supply Chain Attack Enables Code Execution via CodeQL Repositories
A recent discovery has revealed a potential supply chain attack vulnerability in GitHub's CodeQL repositories, which could have led to wide-ranging consequences for hundreds...
cyber security
Beware Developers – Fake Coding Challenges Will Deploy FogDoor on Your System
Researchers has discovered a sophisticated malware operation that poses as a fake coding challenge and targets Polish-speaking professionals.This campaign, known as "FizzBuzz to FogDoor,"...
cyber security
Albabat Ransomware Targets Windows, Linux, and macOS via GitHub Abuse
Recent research by Trend Micro has uncovered a significant evolution in the Albabat ransomware, which now targets not only Windows but also Linux and...
Cyber Attack
North Korean IT Workers Exploit GitHub to Launch Global Cyberattacks
A recent investigation by cybersecurity firm Nisos has uncovered a coordinated effort by North Korean IT workers to exploit GitHub for creating fake personas,...
CVE/vulnerability
CISA Warns of Supply-Chain Attack Exploiting GitHub Action Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm over a critical supply-chain attack affecting a widely used third-party GitHub Action: tj-actions/changed-files.This...
Cyber Attack
Supply Chain Attack Targets 23,000 GitHub Repositories
A critical security incident has been uncovered involving the popular GitHub Action tj-actions/changed-files, which is used in over 23,000 repositories.The attack involves a...
cyber security
Blind Eagle Hackers Exploit Google Drive, Dropbox & GitHub to Evade Security Measures
In a recent cyber campaign, the notorious threat actor group Blind Eagle, also known as APT-C-36, has been leveraging trusted cloud platforms like Google...
Apache
Apache Camel RCE Vulnerability PoC Exploit Released in GitHub
A Proof of Concept (PoC) exploit for the Apache Camel vulnerability CVE-2025-27636 has been released on GitHub.This vulnerability affects Apache Camel versions 4.10.0-4.10.1,...
cyber security
Microsoft Warns: 1 Million Devices Infected by Malware from GitHub
In a recent alert, Microsoft revealed a large-scale malvertising campaign that has compromised nearly one million devices worldwide.This campaign, which began in early...