GitHub Enterprise Server Auth Bypass Flaw Discovered
On May 21, 2024, GitHub disclosed a new authentication bypass flaw in its Enterprise Server. Tracked as CVE-2024-4985, it is so easy to exploit that it received the maximum CVSS rating of 10 right away. The developer has already released patches and potential mitigations for the flaw. GitHub Discloses Enterprise Server Authentication Bypass Vulnerability Later…
Tag: GitHub
GitHub and GitLab CDNs Abused to Spread Malware
Recent research around new spreading approaches of one stealer malware family revealed a new way to abuse GitHub. Instead of creating repositories that contain malware files, hackers push the files they need through the issue reporting mechanism in the repository menu. This allows for making malware look like a file from a legit repo, bypassing…
STRRAT and Vcurms Malware Abuse GitHub for Spreading
A new phishing campaign has recently been discovered that uses GitHub to deliver Remote Access Trojans (RAT) STRRAT and Vcurms via a malicious Java downloader. ANY.RUN specialists have detected the active spread of these malicious programs and warn users against potential threats. Short About STRRAT and Vcurms STRRAT is a Java-based RAT, notorious for its…
RepoJacking Attacks Could Threaten Millions of GitHub Repositories
Aqua researchers believe that millions of repositories on GitHub are vulnerable to an attack called RepoJacking, which allows taking over other people’s repositories. The issue reportedly affects the repositories of Google, Lyft, and other major companies. Let me remind you that we also wrote that Malware in GitHub Repositories Is Spread From…
Malware in GitHub Repositories Is Spread From Fake Security Company Name
Researchers detected fake company accounts on GitHub linked to a deceitful cybersecurity company. These accounts are promoting harmful repositories on the code hosting service. According to the experts, all repositories claim to contain a proof-of-concept (PoC) exploit for alleged zero-day vulnerabilities in Discord, Google Chrome, and Microsoft Exchange. Though in fact, that was yet another example…
Attackers Can Use GitHub Codespaces to Host and Deliver Malware
Trend Micro reports that the GitHub Codespaces cloud development environment, available for public use since November 2022, can be used to store and deliver malware, as well as malicious scripts. Let me remind you that we also talked about Hackers Bypass CAPTCHA on GitHub to Automate Account Creation, and also that Hackers compromised Slack…
Hackers Bypass CAPTCHA on GitHub to Automate Account Creation
The South African hack group Automated Libra is looking for new approaches to use the resources of cloud platforms for cryptocurrency mining: hackers bypass CAPTCHA on GitHub. Let me remind you that we also wrote that Hackers force users to solve CAPTCHA, and also that New hCaptcha bypass method may not affect Cloudflare’s security. According…
Hackers compromised Slack private GitHub repositories
On December 31, while everyone was celebrating the New Year, Salesforce, the company behind the development of the corporate Slack messenger, published a message about the incident of compromising Slack repositories on GitHub. Let me remind you that recently MI also wrote that Slack Is Resetting User Passwords Due to a Bug, and also that…
Open-Source Cryptor Cryptonite Became a Wiper due to a Bug
Fortinet researchers studied the recently appeared open-source cryptor Cryptonite, distributed for free on GitHub. It turned out that the creator of the malware made a mistake in the code, and the malware did not encrypt, but destroyed the data of the victims. Let me remind you that we also wrote about FBI Says Cuba Ransomware…
Thousands of GitHub Repositories Spread Malware That Is Disguised as Exploits
Experts from the Leiden Institute for Advanced Computer Science have discovered thousands of GitHub repositories with fake PoC exploits for various vulnerabilities that spread malware. It turned out that the probability of infection with malware when downloading PoC can reach 10.3%, even if outright fakes are excluded. Let me remind you that we also reported…