Dangerous WebRAT malware now being spread by GitHub repositories

Cybersecurity researchers Kaspersky said they found 15 malicious repositories hosted on GitHub. These repositories, ...

WebRAT malware spread via fake vulnerability exploits on GitHub

The WebRAT malware is now being distributed through GitHub repositories that claim to host proof-of-concept exploits for ...
CSO Online

Webrat turns GitHub PoCs into a malware trap

The known RAT aimed at gamers is now targeting security professionals searching GitHub for PoCs and exploit codes.
PC Magazine

Windows Malware on GitHub Wants to Steal Your Crypto

Malicious actors are gaming GitHub's search results to trick unsuspecting users into accidentally downloading Windows malware on their computers, according to a new report from cybersecurity software ...
The Hacker News

Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads

PyStoreRAT spreads via fake GitHub tools using small Python or JavaScript loaders to fetch HTA files and install a modular ...
Bleeping Computer

GitHub comments abused to push password stealing malware masked as fixes

GitHub is being abused to distribute the Lumma Stealer information-stealing malware as fake fixes posted in project comments. The campaign was first reported by a contributor to the teloxide rust ...

Shai Hulud malware turns developers into unwitting distributors in NPM supply chain attacks

Shai Hulud is a malware campaign first observed in September targeting the JavaScript ecosystem that focuses on supply chain ...
GIGAZINE

Malware appears that uses GitHub notification emails to trick users into thinking they are from the security team

Ian Spence, an open source software (OSS) developer, reported in a blog post the existence of malware that exploits GitHub notification emails. GitHub Notification Emails Hijacked to Send Malware - ...
The Next Web

Report: GitHub hosts the most cryptocurrency mining malware of any site

It’s no secret cryptojackers prefer Monero, but now researchers have determined exactly how much they have gained with illicit cryptocurrency mining malware. While the exact amount of generated ...
ZDNet

GitHub: Here's how we're changing our rules around malware and software vulnerability research

Microsoft-owned GitHub has updated its policies on sharing malware and exploits on the site to better support security researchers sharing so-called "dual-use" software – or software that can be used ...