The use of GitHub gave the malware-as-a-service (MaaS) a reliable and easy-to-use platform that’s greenlit in many enterprise ...

GitHub is an extremely popular platform in the open source world, and as such is under a constant barrage of attacks. This ...

npm packages hit by phishing-based supply chain attack, exposing developers to malware and remote access threats.

Malicious GitHub repositories used by threat actors to host Amadey payloads and steal data, impacting targeted entities.

A new malware distribution campaign leveraging public GitHub repositories as a delivery infrastructure for various malicious ...

Popular JavaScript libraries eslint-config-prettier and eslint-plugin-prettier were hijacked this week and turned into ...

Security experts have warned of an emerging new cyber threat involving fake VPN software hosted on GitHub. A report from Cyfirma outlines how malware disguises itself as a “Free VPN for PC” and lures ...

That’s exactly what one campaign, identified by cybersecurity firm Cyfirma, did. The malware was hosted openly on a GitHub ...

That seems to be the choice for the latest batch of spyware, which is hiding in mods for the indefatigable Minecraft, now getting a predictable boost from a smash-hit kid’s movie. According to Check ...

Attackers use typo-squatting, obfuscation, and fake accounts to slip Python-based malware into open-source projects, raising fresh alarms for OSS supply chain security.

A new malware campaign is using GitHub to quietly distribute an infostealer tool under the pretense of free utility software, ...