Skip to main content

Tag: github

153 articles

Developer workstation with laptop, notes, and diagrams focused on code security and package management.

GitHub Bolsters npm with Security Updates to Thwart Supply Chain Attacks

GitHub is stepping up its game to protect against supply chain attacks by introducing security updates to npm, aiming to prevent hostile code from running amok during package installation. With the upcoming npm v12, three historically permissive defaults are being flipped to prioritize explicit opt-in over implicit trust.

Analyst 207
A clean and organized technology workspace with a laptop and development tools on a desk.

GitHub Disrupts Supply Chain Attacks by Blocking npm Install Scripts

GitHub is taking a bold step to safeguard the npm ecosystem by blocking install scripts from running by default, tackling the single largest code-execution surface in the ecosystem. This move, part of npm 12's release, aims to prevent supply chain attacks by requiring explicit permission for scripts to run.

Analyst 207
Disrupted open-source workspace with laptop, notes, and coding materials amidst blurred cityscape background.

Miasma Worm Source Code Leaked, Threatens Open-Source Ecosystem

The Miasma worm's source code leak is a game-changer, putting the entire open-source ecosystem at risk after already infiltrating 73 Microsoft repositories on GitHub. This credential-stealing attack framework operates autonomously, spreading rapidly by infecting developer machines and compromising legitimate repositories.

Analyst 207
Developer workspace with laptop, terminal, and notes, hinting at software installation.

GitHub Bolsters npm Security to Thwart Supply-Chain Attacks

GitHub's upcoming npm v12 update is a game-changer for supply-chain security, as it will require explicit approval for automated actions like install scripts and dependency resolution that are often exploited by attackers. This move aims to shut down common code-execution paths and give developers, CI/CD pipelines, and security teams greater control over their code.

Analyst 207
Developer workstation with laptop, notes, and coding books under indoor lighting.

GitHub Overhauls npm Defaults to Thwart Script-Based Attacks

GitHub is taking a major step to boost npm security by changing its default settings to block automatic execution of install-time lifecycle scripts, a common vulnerability exploited in script-based attacks. Starting with npm 12, these scripts will require explicit permission to run, unless explicitly allowed via a new allowlist mechanism.

Analyst 207
Programmers work at desks in an open-plan office, some looking concerned at their computer screens.

Miasma Worm Spreads as Open-Source Toolkit Compromises GitHub Repos

A newly discovered open-source toolkit, known as Miasma Worm, is wreaking havoc on GitHub repositories, allowing attackers to execute a range of malicious activities via stolen credentials. This powerful supply chain attack toolkit can compromise multiple platforms, including PyPI, npm, and RubyGems, and even spread through AI coding tools and SSH-based lateral movement.

Analyst 207
GitHub repository page on a laptop screen in a bright, cluttered office workspace.

Microsoft Probes Miasma Campaign as GitHub Repos Remain Offline

Microsoft swiftly took action to safeguard its customers and the broader ecosystem by temporarily removing some GitHub repositories while investigating a software supply chain intrusion. The company has since restored some, but others remain offline as the probe continues.

Analyst 207
A modern office interior with a laptop and papers, conveying a tech workspace ambiance.

GitHub Disrupts Microsoft Repos Hosting Password-Stealing Malware

In a lightning-fast response, GitHub and Microsoft swiftly contained a malware incident on June 5, removing 73 repositories and restoring disrupted developer workflows in a mere 105 seconds. The quick takedown prevented password-stealing malware from causing further harm, showcasing the companies' commitment to protecting their platforms.

Analyst 207
Person sits at laptop in European café, face downcast, with blurred cityscape and bank storefront in background.

Android Malware NFCShare Targets Europe Banks via GitHub Updates

Malicious actors are using GitHub to spread new variants of the NFCShare Android malware, disguising them as banking app updates to target customers of European banks. Victims are first lured into downloading the malware through phishing sites that mimic real banks, where they're prompted to install a fake update.

Analyst 207
Brightly lit coding workspace with laptop showing GitHub/GitLab page surrounded by coding materials and documents.

North Korean Hackers Exploit Coding Lures to Steal Crypto Credentials

In a sneaky move, North Korean hackers sent over 250 emails with innocent-looking coding tasks to nearly 100 US-based organizations, tricking them into handing over cryptocurrency credentials. The clever phishing scam, tracked as UNK_DeadDrop, targeted tech, education, and finance firms, with a special focus on cryptocurrency companies.

Analyst 207
Dimly lit software development workspace with rows of computer workstations and coding materials.

Miasma Worm Exposes GitHub Repositories in Supply Chain Attack

A sneaky Miasma worm has infiltrated 73 Microsoft GitHub repositories, putting countless projects at risk in a self-replicating supply chain attack. This malicious campaign is a stark reminder of the rapidly evolving threats lurking in the shadows of our digital supply chains.

Analyst 207
GitHub office interior with developer workstation, server racks, and city view.

GitHub Disrupts Microsoft Repos Amid Suspected Worm Infections

GitHub took drastic action, removing over 70 Microsoft repositories and disrupting critical code pipelines, after detecting suspected worm infections. This swift move has left many automated builds and deployments in limbo.

Analyst 207
GitHub repository page on laptop screen with error message and blurred software development workspace background.

Miasma Worm Targets Microsoft GitHub Repositories in Supply Chain Attack

GitHub has taken swift action, disabling access to 73 Microsoft repositories across four organizations after a sneaky supply chain attack by the Miasma Worm compromised code on the platform. The disruption was triggered when the malware targeted Microsoft's GitHub repositories, prompting site-wide warnings and restricted access.

Analyst 207
Laptop screen displays GitHub repository page with cityscape background, hinting at public online platform vulnerability.

Flaw in Claude Code GitHub Action Exposes Repositories to Hijacking

A security researcher discovered a logic hole in Anthropic's Claude Code GitHub Action that could let attackers hijack vulnerable public repositories with just a single opened GitHub issue. This flaw exploited broad read and write permissions, putting countless repositories at risk.

Analyst 207
Person sitting at laptop in modern workspace with code on nearby monitor.

Bug Hunter Exposes Microsoft VS Code Flaw in Protest of Disclosure Handling

A bug hunter's frustrating experience with Microsoft's disclosure process sparked a protest, as Ammar Askar publicly exposed a VS Code flaw that could allow attackers to steal OAuth tokens and access GitHub repositories. Askar's proof-of-concept exploit highlights the vulnerability, which was previously mishandled by Microsoft's security response team.

Analyst 207
Developer scrutinizes code with concern in a well-lit lab setting.

GitHub Dev Attack Exploits OAuth Tokens

A single click can be all it takes for an attacker to swipe a GitHub token, giving them free rein to read and write to your private repos. Security researcher Ammar Askar warns that a clever exploit in GitHub.dev's web-based editor can turn a harmless link into a token-stealing threat.

Analyst 207
Developer workstation with VS Code on laptop and GitHub page on nearby device.

VS Code Zero-Day Vulnerability Exposes GitHub Tokens to Theft

A security researcher just revealed a shocking VS Code zero-day vulnerability that lets attackers swipe your GitHub authentication tokens with just one click, exposing your online projects to potential theft. This exploit cleverly abuses VS Code's system to run malicious code and extract sensitive tokens.

Analyst 207
Server room with rows of computer servers and cables, laptops in foreground with some monitors displaying code or data.

Malware Worms Red Hat npm Packages, Targets Cloud Credentials

A single compromised Red Hat employee's GitHub account was used to seed dozens of Red Hat npm package releases with a self-propagating credential-stealer, putting cloud credentials at risk. The malicious packages, downloaded around 80,000 times a week, are still considered a live threat.

Analyst 207
Software development workspace with laptop and papers, subtle coding environment in background.

Red Hat npm Packages Compromised in Supply-Chain Attack

A recent supply-chain attack compromised 32 Red Hat npm packages, affecting 117,000 weekly downloads, after attackers backdoored 96 package versions under the @redhat-cloud-services namespace. The breach occurred when a Red Hat employee's GitHub account was compromised, allowing malicious commits to be pushed.

Analyst 207
Gaming setup with computer and monitor on a desk, cityscape blurred in background.

Atlas Menu Hack Exposes 64,000 User Records

A shocking security breach has hit Atlas Menu, a popular cheat service for Grand Theft Auto, with an attacker claiming to have fully compromised the system and leaked 64,000 user records online. The hacker also made the disturbing allegation that Atlas Menu was secretly taking screenshots of users' machines.

Analyst 207
Cluttered computer terminal room with cables and equipment, laptop in center, faint GitHub logo on blurred screen.

AI-Generated Malware Exposes Operator's GitHub Token

A malicious npm package, disguised as a harmless sync utility called "mouse5212-super-formatter", was downloaded 676 times before it was caught stealing sensitive data and exposing its creator's GitHub token. This AI-generated malware cleverly hid its true intentions, uploading stolen files to a fake repository and covering its tracks.

Analyst 207
GitHub repository on laptop in home office with papers and smartphone nearby.

Malicious npm Package Targets Claude AI User Files via GitHub

Disguising itself as a harmless archive deployment sync tool, the malicious npm package mouse5212-super-formatter secretly synced local workspace files to a remote tracking tree, allowing attackers to target user files on GitHub.

Analyst 207
Software development workspace with laptop and monitor displaying Git repository interface.

GitHub Tags Exploited to Deploy Credential-Stealing Malware

Malicious actors have manipulated hundreds of GitHub tags to spread credential-stealing malware through popular Laravel Lang localization packages, putting countless users at risk. By rewriting historical tags, attackers tricked Composer installations into downloading the malicious payload.

Analyst 207
Laptop and development tools sit on a cluttered workspace surrounded by generic technology equipment.

GitHub-Hosted Malware Targets PHP Packages in Coordinated Supply Chain Attack

Malicious code was injected into eight PHP packages on Packagist, triggering a Linux binary download from GitHub Releases via JavaScript lifecycle hooks in package.json postinstall scripts. The attack was swiftly contained, with the malicious versions removed from Packagist.

Analyst 207