Cybercriminals are exploiting GitHub to spread credential-stealing malware through fake repositories, cybersecurity firm Kaspersky has warned. The campaign, dubbed “GitVenom,” involves attackers ...

Researchers from Cisco’s Talos security team have uncovered a malware-as-a-service operator that used public GitHub accounts as a channel for distributing an assortment of malicious software to ...

A GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with Microsoft repositories, making the files appear trustworthy. While most ...

Cybercriminals have found another way to spread their malware: uploading cryptocurrency mining code to GitHub, according to security researchers at security company Avast. Developers 'fork' projects ...

GitHub is struggling to contain an ongoing attack that’s flooding the site with millions of code repositories. These repositories contain obfuscated malware that steals passwords and cryptocurrency ...

A secretive network of around 3,000 “ghost” accounts on GitHub has quietly been manipulating pages on the code-hosting website to promote malware and phishing links, according to new research seen by ...

On March 9, the GitHub Security Incident Response Team (SIRT) received a message from security researcher JJ, who had discovered a set of GitHub repositories actively serving malware. A deep-dive ...

Threat actors ran a malvertising campaign on the Russian Yandex.Direct advertising network starting October 2018 to disseminate a malware cocktail designed to encrypt victims' data and steal ...