Mur d'images - Cyberveille

curated by Decio

wget to Wipeout: Malicious Go Modules Fetch Destructive Payload

Linux wiper malware hidden in malicious Go modules on GitHub

Grafana security update: no customer impact from GitHub workflow vulnerability

Fake "Security Alert" issues on GitHub use OAuth app to hijack accounts

DPRK IT Fraud Network Uses GitHub to Target Global Companies

North Korean Fake IT Workers Leverage GitHub to Build Personas

Clever 'GitHub Scanner' campaign abusing repos to push malware

Scammers advertise fake AppleCare+ service via GitHub repos

Stargazers Ghost Network

New York Times warns freelancers of GitHub repo data breach

Employee Personal GitHub Repos Expose Internal Azure and Red Hat Secrets

Over 170K users hit by poisoned Python package ruse

GitHub besieged by millions of malicious repositories in ongoing attack | Ars Technica

Binance Code and Internal Passwords Exposed on GitHub for Months

How a mistakenly published password exposed Mercedes-Benz source code

Coordinated Disclosure: 1-Click RCE on GNOME (CVE-2023-43641)

38TB of data accidentally exposed by Microsoft AI researchers | Wiz Blog

Microsoft AI Employee Accidentally Leaks 38TB of Data

BlackLotus UEFI Bootkit Source Code Leaked on GitHub

Fake Security Researcher GitHub Repositories Deliver Malicious Implant

Action needed for GitHub Desktop and Atom users

Pro-Russia hackers use Telegram, GitHub to attack Czech presidential election

zhuowei/WDBFontOverwrite: Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689.

Okta's source code stolen after GitHub repositories hacked

Attacking Apple's Neural Engine

How we handled a recent phishing incident that targeted Dropbox

Dec0ne/KrbRelayUp: KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

GitHub: Attacker breached dozens of orgs using stolen OAuth tokens

Git security vulnerability announced