-
GitLab affected by GitHub-style CDN flaw allowing malware hosting
BleepingComputer recently reported how a GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with Microsoft repositories, making the files appear trustworthy. It turns out, GitLab is also affected by this issue and could be abused in a similar fashion.
- April 22, 2024
- 11:05 AM
0
-
GitHub comments abused to push malware via Microsoft repo URLs
A GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with a Microsoft repository, making the files appear trustworthy.
- April 20, 2024
- 10:14 AM
1
-
Fake cheat lures gamers into spreading infostealer malware
A new info-stealing malware linked to Redline poses as a game cheat called 'Cheat Lab,' promising downloaders a free copy if they convince their friends to install it too.
- April 18, 2024
- 08:46 PM
- 0
-
Malicious Visual Studio projects on GitHub push Keyzetsu malware
Threat actors are abusing GitHub automation features and malicious Visual Studio projects to push a new variant of the "Keyzetsu" clipboard-hijacking malware and steal cryptocurrency payments.
- April 10, 2024
- 07:00 AM
- 0
-
Acuity confirms hackers stole non-sensitive govt data from GitHub repos
Acuity, a federal contractor that works with U.S. government agencies, has confirmed that hackers breached its GitHub repositories and stole documents containing old and non-sensitive data.
- April 05, 2024
- 11:32 AM
- 0
-
GitHub’s new AI-powered tool auto-fixes vulnerabilities in your code
GitHub introduced a new AI-powered feature capable of speeding up vulnerability fixes while coding. This feature is in public beta and automatically enabled on all private repositories for GitHub Advanced Security (GHAS) customers
- March 20, 2024
- 02:52 PM
- 0
-
Over 12 million auth secrets and keys leaked on GitHub in 2023
GitHub users accidentally exposed 12.8 million authentication and sensitive secrets in over 3 million public repositories during 2023, with the vast majority remaining valid after five days.
- March 12, 2024
- 11:23 AM
- 4
-
GitHub enables push protection by default to stop secrets leak
GitHub has enabled push protection by default for all public repositories to prevent accidental exposure of secrets such as access tokens and API keys when pushing new code.
- February 29, 2024
- 01:57 PM
- 0
-
A mishandled GitHub token exposed Mercedes-Benz source code
A mishandled GitHub token gave unrestricted access to Mercedes-Benz's internal GitHub Enterprise Service, exposing source code to the public.
- January 30, 2024
- 01:42 PM
- 0
-
Haier hits Home Assistant plugin dev with takedown notice
Appliances giant Haier reportedly issued a takedown notice to a software developer for creating Home Assistant integration plugins for the company's home appliances and releasing them on GitHub.
- January 18, 2024
- 12:37 PM
- 16
-
GitHub rotates keys to mitigate impact of credential-exposing flaw
GitHub rotated keys potentially exposed by a vulnerability patched in December that could let attackers access credentials within production containers via environment variables.
- January 16, 2024
- 05:19 PM
- 0
-
Blockchain dev's wallet emptied in "job interview" using npm package
A blockchain developer shares his ordeal over the holidays when he was approached on LinkedIn by a "recruiter" for a web development job. The recruiter in question asked the developer to download npm packages from a GitHub repository, and hours later the developer discovered his MetaMask wallet had been emptied.
- December 28, 2023
- 06:25 AM
- 1
-
GitHub warns users to enable 2FA before upcoming deadline
GitHub is warning users that they will soon have limited functionality on the site if they do not enable two-factor authentication (2FA) on their accounts.
- December 26, 2023
- 04:03 PM
- 3
-
GitHub repos bombarded by info-stealing commits masked as Dependabot
Hackers are breaching GitHub accounts and inserting malicious code disguised as Dependabot contributions to steal authentication secrets and passwords from developers.
- September 27, 2023
- 08:00 AM
- 0
-
GitHub passkeys generally available for passwordless sign-ins
GitHub has made passkeys generally available across the platform today to secure accounts against phishing and allow passwordless logins for all users.
- September 21, 2023
- 02:59 PM
- 2
-
Fake WinRAR proof-of-concept exploit drops VenomRAT malware
A hacker is spreading a fake proof-of-concept (PoC) exploit for a recently fixed WinRAR vulnerability on GitHub, attempting to infect downloaders with the VenomRAT malware.
- September 20, 2023
- 10:49 AM
- 0
-
New CVE-2023-3519 scanner detects hacked Citrix ADC, Gateway devices
Mandiant has released a scanner to check if a Citrix NetScaler Application Delivery Controller (ADC) or NetScaler Gateway Appliance was compromised in widespread attacks exploiting the CVE-2023-3519 vulnerability.
- August 15, 2023
- 11:32 AM
- 0
-
GitHub warns of Lazarus hackers targeting devs with malicious projects
GitHub is warning of a social engineering campaign targeting the accounts of developers in the blockchain, cryptocurrency, online gambling, and cybersecurity sectors to infect their devices with malware.
- July 20, 2023
- 06:48 PM
- 0
-
Fake Linux vulnerability exploit drops data-stealing malware
Cybersecurity researchers and threat actors are targeted by a fake proof of concept (PoC) CVE-2023-35829 exploit that installs a Linux password-stealing malware.
- July 13, 2023
- 02:28 PM
- 3
-
GitHub goes passwordless, announces passkeys beta preview
GitHub announced today the introduction of passwordless authentication support in public beta, allowing users who opt-in to upgrade from security keys to passkeys.
- July 12, 2023
- 11:00 AM
- 1
1
-
Remove the Theonlinesearch.com Search Redirect
Filed Under: Adware -
Remove the Smartwebfinder.com Search Redirect
Filed Under: Adware -
How to remove the PBlock+ adware browser extension
Filed Under: Adware -
Remove the Toksearches.xyz Search Redirect
Filed Under: Adware -
Remove the Smashapps.net Search Redirect
Filed Under: Adware
-
Version: 9.0.3.0106,396 Downloads
-
Version: 18.0.7.562,878 Downloads
-
Version: 8.4.0.056M+ Downloads
-
Version: 5.1.25M+ Downloads
-
Version: 4.14.12M+ Downloads
