GitHub
Blog
Coinbase was primary target of recent GitHub Actions breaches
Researchers have determined that Coinbase was the primary target in a recent GitHub Actions cascading supply chain attack that compromised secrets in hundreds of repositories. According to new reports from Palo Alto Unit 42 and Wiz, the attack was carefully planned and began when malicious code was injected into the reviewdog/action-setup@v1 GitHub Action. It is unclear how the breach occurred, but…
Blog
GitHub Action hack likely led to another in cascading supply chain attack
A cascading supply chain attack that began with the compromise of the “reviewdog/action-setup@v1” GitHub Action is believed to have led to the recent breach of “tj-actions/changed-files” that leaked CI/CD secrets. Last week, a supply chain attack on the tj-actions/changed-files GitHub Action caused malicious code to write CI/CD secrets to the workflow logs for 23,000 repositories. If those logs had been…
Blog
Supply chain attack on popular GitHub Action exposes CI/CD secrets
A supply chain attack on the widely used ‘tj-actions/changed-files’ GitHub Action, used by 23,000 repositories, potentially allowed threat actors to steal CI/CD secrets from GitHub Actions build logs. The GitHub Action is a very popular automation tool designed for GitHub Actions workflows. It allows developers to identify files changed in a pull request or commit and take actions based on…
Blog
Organizations urged to act fast after GitHub Action supply chain attack
More than 20,000 organizations may be at risk following a supply chain attack affecting the tj-actions/changed-files GitHub Action. GitHub Actions is a continuous integration and continuous delivery (CI/CD) service that enables developers to automate software builds and tests. Workflows are triggered by specific events, for example when new code is committed to the repository. Used in more than 23,000 repositories, tj-actions/changed-files…
Blog
Fake “Security Alert” issues on GitHub use OAuth app to hijack accounts
A widespread phishing campaign has targeted nearly 12,000 GitHub repositories with fake “Security Alert” issues, tricking developers into authorizing a malicious OAuth app that grants attackers full control over their accounts and code. “Security Alert: Unusual Access Attempt We have detected a login attempt on your GitHub account that appears to be from a new location or device,” reads the…
Blog
Nearly a million devices were infected in a huge GitHub malvertising campaign
Microsoft has alerted users to a malvertising campaign leveraging GitHub to infect nearly 1 million devices around the world. A new advisory from Microsoft Threat Intelligence stated that in December 2024 it detected a large-scale campaign using the developer platform as the primary vehicle to deliver the initial access payloads used in attacks. The campaign’s initial stage injects adverts into…
Blog
‘GitVenom’ campaign uses dodgy GitHub repositories to spread malware
Security researchers have issued an alert over a campaign using GitHub repositories to distribute malware, with users lured in by fake projects. Analysis from Kaspersky warned the unknown threat actors behind the campaign, which it dubbed ‘GitVenom’, had created over 200 repositories with various projects containing malicious code. These fake projects included Telegram bots, video game hacking tools, Instagram automation…
Blog
Malicious GitHub repositories target users with malware
McAfee has uncovered new malware that’s being used to target GitHub users with infostealing malware. The security firm said it found several GitHub repositories offering video game hacks, cracked software, and free crypto tools that were not what they seemed. They included game hacks for top-selling video games such as Apex Legends, Minecraft, Counter Strike 2.0, Roblox, Valorant, Fortnite, Call…
Blog
Why You Should Keep All Your Linux Dotfiles on GitHub
Summary Managing dotfiles with git can save time and provide a robust backup option. Storing dotfiles in a version control system (VCS) like git can ensure a consistent setup across multiple machines. Using GitHub to host dotfiles allows for easy sharing and collaboration. Dotfiles are an accessible, powerful way of configuring your Linux system. But how do you keep track…
Blog
Fake LDAPNightmare exploit on GitHub spreads infostealer malware
A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 (aka “LDAPNightmare”) on GitHub infects users with infostealer malware that exfiltrates sensitive data to an external FTP server. The tactic isn’t novel, as there have been multiple documented cases of malicious tools disguised as PoC exploits on GitHub. However, this case, discovered by Trend Micro, highlights that threat actors continue to use the…