The use of GitHub gave the malware-as-a-service (MaaS) a reliable and easy-to-use platform that’s greenlit in many enterprise ...

Malicious GitHub repositories used by threat actors to host Amadey payloads and steal data, impacting targeted entities.

GitHub is an extremely popular platform in the open source world, and as such is under a constant barrage of attacks. This ...

A new malware distribution campaign leveraging public GitHub repositories as a delivery infrastructure for various malicious ...

GitHub repositories host malware disguised as tools that gamers, and privacy-seekers are likely to download The fake VPN campaign drops malware straight into AppData and hides it from plain view ...

Discover how AsyncRAT evolved from GitHub release to a widespread malware tool, spawning dangerous variants like DCRat and ...

By using scripting tools, threat actors query the DNS records and reconstruct the malware without triggering the usual ...

Arch Linux has pulled three malicious packages uploaded to the Arch User Repository (AUR) were used to install the CHAOS remote access trojan (RAT) on Linux devices.

Increasing reliance on open-source repositories calls for much higher-level vigilance to counter deceptive tactics.

Researchers uncover stealth malware using DNS records to bypass detection tools and hijack systems through less monitored ...

Attackers use typo-squatting, obfuscation, and fake accounts to slip Python-based malware into open-source projects, raising fresh alarms for OSS supply chain security.

Cybersecurity firm SlowMist has uncovered a fake GitHub repository masquerading as a Solana trading bot that secretly delivered obfuscated malware to steal users’ crypto wallet credentials.