Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
5 résultats taggé developers  ✕
wget to Wipeout: Malicious Go Modules Fetch Destructive Payload https://socket.dev/blog/wget-to-wipeout-malicious-go-modules-fetch-destructive-payload
06/05/2025 11:23:41
QRCode
archive.org
thumbnail

Socket's research uncovers three dangerous Go modules that contain obfuscated disk-wiping malware, threatening complete data loss.

The Go ecosystem, valued for its simplicity, transparency, and flexibility, has exploded in popularity. With over 2 million modules available, developers rely heavily on public repositories like GitHub. However, this openness is precisely what attackers exploit.

No Central Gatekeeping: Developers freely source modules directly from GitHub repositories, trusting the naming conventions implicitly.
Prime Target for Typosquatting: Minimal namespace validation enables attackers to masquerade malicious modules as popular libraries.
Introduction: The Silent Threat#
In April 2025, we detected an attack involving three malicious Go modules which employ similar obfuscation techniques:

github[.]com/truthfulpharm/prototransform
github[.]com/blankloggia/go-mcp
github[.]com/steelpoor/tlsproxy
Despite appearing legitimate, these modules contained highly obfuscated code designed to fetch and execute remote payloads. Socket’s scanners flagged the suspicious behaviors, leading us to a deeper investigation.

socket.dev EN 2025 Wipeout github Payload GO research Developers supply-chain-attack
DPRK IT Fraud Network Uses GitHub to Target Global Companies https://nisos.com/research/dprk-github-employment-fraud/
08/03/2025 12:04:29
QRCode
archive.org
thumbnail

DPRK IT workers exploit GitHub to pose as Asian developers, securing remote jobs to fund missile and nuclear programs.

nisos.com EN 2025 DPRK North-Korea GitHub developers jobs fake Personas
Sonar https://www.sonarsource.com/blog/securing-developer-tools-unpatched-code-vulnerabilities-in-gogs-1/
04/07/2024 13:18:05
QRCode
archive.org
thumbnail

We discovered 4 critical code vulnerabilities in Gogs, a source code hosting solution, which are still unpatched. Read about the details and how to protect yourself.

sonarsource EN 2024 Gogs vulnerabilities developers Supply-Chain
Russia-linked 'Lumma' crypto stealer now targets Python devs https://www.sonatype.com/blog/crytic-compilers-typosquats-known-crypto-library-drops-windows-trojan
09/06/2024 16:32:39
QRCode
archive.org
thumbnail

Sonatype's automated malware detection systems identified a malicious PyPI package called crytic-compilers, connected to Russia-linked Lumma Windows stealer, and named very closely after a well-known legitimate Python library that is used by cryptocurrency developers.

sonatype EN 2024 PyPI Lumma Python cryptocurrency developers
Steam Adds Security Layer for Devs After Some Had Their Accounts Compromised and Malware Was Injected in Games https://wccftech.com/steam-adds-security-layer-for-devs-after-some-had-their-accounts-compromised-and-malware-was-injected-in-games
12/10/2023 18:23:12
QRCode
archive.org
thumbnail

Valve has added a new security layer for developers who publish their games on Steam after a few had their accounts hacked.

wccftech EN 2023 Valve MFA developers Steam hacked
4252 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio