Trend Micro and ReversingLabs uncovered over 100 GitHub accounts distributing malware embedded in open source hacking tools.
The post New Campaigns Distribute Malware via Open Source Hacking Tools appeared first on SecurityWeek.
364,000 Impacted by Data Breach at LexisNexis Risk Solutions
Data broker giant LexisNexis Risk Solutions says personal information was stolen from 364,000 people in a December 2024 data breach.
The post 364,000 Impacted by Data Breach at LexisNexis Risk Solutions appeared first on SecurityWeek.
Files Deleted From GitHub Repos Leak Valuable Secrets
A security researcher has discovered hundreds of leaked secrets by restoring files deleted from GitHub repositories.
The post Files Deleted From GitHub Repos Leak Valuable Secrets appeared first on SecurityWeek.
Impact, Root Cause of GitHub Actions Supply Chain Hack Revealed
More details have come to light on the recent supply chain attack targeting GitHub Actions, including its root cause.
The post Impact, Root Cause of GitHub Actions Supply Chain Hack Revealed appeared first on SecurityWeek.
Popular GitHub Action Targeted in Supply Chain Attack
The tj-actions/changed-files GitHub Action, which is used in 23,000 repositories, has been targeted in a supply chain attack.
The post Popular GitHub Action Targeted in Supply Chain Attack appeared first on SecurityWeek.
Critical Authentication Flaw Haunts GitHub Enterprise Server
GitHub patches a trio of security defects in the GitHub Enterprise Server product and recommends urgent patching for corporate users.
The post Critical Authentication Flaw Haunts GitHub Enterprise Server appeared first on SecurityWeek.
GitHub Actions Artifacts Leak Tokens and Expose Cloud Services and Repositories
Misconfigurations and security bugs lead to GitHub Actions artifacts exposing tokens for third party cloud services and GitHub repositories.
The post GitHub Actions Artifacts Leak Tokens and Expose Cloud Services and Repositories appeared first on SecurityWeek.
GitHub Makes Copilot Autofix Generally Available
GitHub has made AI-powered Copilot Autofix generally available to help developers fix code vulnerabilities faster.
The post GitHub Makes Copilot Autofix Generally Available appeared first on SecurityWeek.
Network of 3,000 GitHub Accounts Used for Malware Distribution
Stargazer Goblin has created a network of over 3,000 GitHub accounts to distribute malware through phishing repositories.
The post Network of 3,000 GitHub Accounts Used for Malware Distribution appeared first on SecurityWeek.
Ex-GitHub Engineers Raise $20M to Enhance Pen-Testing with AI-Powered XBOW
A team of former GitHub engineers has secured $20 million in venture capital funding from Sequoia to build AI-powered security tools.
The post Ex-GitHub Engineers Raise $20M to Enhance Pen-Testing with AI-Powered XBOW appeared first on SecurityWeek.
