Malicious GitHub repositories used by threat actors to host Amadey payloads and steal data, impacting targeted entities.

The use of GitHub gave the malware-as-a-service (MaaS) a reliable and easy-to-use platform that’s greenlit in many enterprise ...

A new malware distribution campaign leveraging public GitHub repositories as a delivery infrastructure for various malicious ...

A secretive network of around 3,000 “ghost” accounts on GitHub has quietly been manipulating pages on the code-hosting website to promote malware and phishing links, according to new research ...

GitHub is constantly being bombarded with malware, as hackers employ typosquatting, impersonation, and outright fraud, to try and trick people into downloading malware instead of legitimate code ...

The GitHub account was created in May 2016, and its sole repository, mobile-phone-project, was created in June 2016. The project appears to be derived from another generic GitHub page.

Github repositories are being infected with malware Trusted repositories can bypass secure web gateways Github comments are also being used to hide malicious files In a new phishing campaign ...

Payloads, data collection, and exfiltration The malicious actors used two GitHub repositories to host six malware payloads which were frequently switched, with most of them also being signed using ...

GitHub Codespaces, a cloud-hosted integrated development environment (IDE), has a port forwarding feature that malicious actors can abuse to host and distribute malware to unaware developers.

A feature that allows developers to make applications accessible by a public GitHub URL could enable attackers to deliver malware and avoid detection.

GitHub said it found 26 repositories uploaded on its site that contained the Octopus Scanner malware, following a tip it received from a security researcher on March 9.

New research estimates cryptocurrency malware is responsible for mining $57M worth of Monero over the last 4 years - thats $1.2M every month.