News

CSO Online5d
GitHub hit by a sophisticated malware campaign as ‘Banana Squad’ mimics popular repos
Attackers use typo-squatting, obfuscation, and fake accounts to slip Python-based malware into open-source projects, raising ...
The Hacker News4d
200+ Trojanized GitHub Repositories Found in Campaign Targeting Gamers and Developers
A new cybersecurity campaign has exposed 67 trojanized GitHub repositories, targeting gamers and developers with malicious ...
Infosecurity Magazine6d
Banana Squad’s Stealthy GitHub Malware Campaign Targets Devs
Discovered by ReversingLabs, the campaign reflects a shift in open-source software supply chain attacks. While overall ...
Developer Tech5d
Look right: Threat campaign fooling developers in GitHub repos
A threat campaign has been targeting software developers through GitHub repos that, at first glance, look completely ...
Ars Technica1y
Hugging Face, the GitHub of AI, hosted code that backdoored user devices
Code uploaded to AI developer platform Hugging Face covertly installed backdoors and other types of malware on end-user machines, researchers from security firm JFrog said Thursday in a report ...
Bleeping Computer2y
Unpatched 15-year old Python bug allows code execution in 350k projects - BleepingComputer
Unpatched 15-year old Python bug allows code execution in 350k ... small sample set served only as a baseline for coming up with an estimation of all impacted repositories available on GitHub.