Zapier is notifying customers about a “security incident,” which involved an unauthorized user gaining access to the company’s code repositories and “certain custom information.”
Attackers are using Docker Hub for malicious campaigns of various types, including spreading malware, phishing and scams. Read the analysis of 3 malware campaigns.
GitHub keeps removing malware-laced repositories, but thousands remain.
VulnCheck discovers a network of fake security researcher accounts promoting hidden malware.
Update to the latest version of Desktop and previous version of Atom before February 2.
