At the beginning of 2025, Trellix specialists uncovered a sweeping cyber-espionage campaign targeting diplomatic missions in Seoul. Between March and July, at least nineteen phishing attacks were recorded, in which North Korean–linked actors impersonated...
In the first half of 2025, researchers observed the active exploitation of a new malware loader known as CastleLoader. Since its emergence, this tool has become a central element in the distribution infrastructure for...
Following a sweeping law enforcement operation in May—which dismantled over 2,300 domains and disrupted portions of its infrastructure—the malicious Lumma platform is once again exhibiting a resurgence in activity. Despite the significant blow, the...
In April 2025, cybersecurity experts from Cisco Talos uncovered a new threat vector: cybercriminals exploiting public repositories on GitHub to host malicious payloads used in distributing the Amadey trojan. According to researchers, the creation...
Over the weekend, an employee of the Department of Government Efficiency (DOGE), an agency under Elon Musk’s purview, inadvertently exposed a confidential key that granted direct access to over 50 of xAI’s language models....
Security researchers from GitGuardian and Synacktiv have uncovered a critical vulnerability in Laravel, the widely used PHP framework that powers hundreds of thousands of web applications. The issue stems from the leakage of the...
Cybercriminals have begun leveraging GitHub to disseminate dangerous spyware disguised as a free VPN service. The malicious campaign, uncovered by researchers at Cyfirma, masqueraded as a program called “Free VPN for PC.” Instead of...
GitAlerts GitHub repositories created under any organization can be controlled by the GitHub administrators. However, any repository created under an organization’s user account is not controllable unless the organization has adopted the GitHub enterprise-managed...
GShark The project is based on golang with AdminLTE to build a management system to manage the Github search results. Github API has been utilized to scrawl the related results according to keywords and...
Security researchers have uncovered multiple repositories on GitHub distributing malicious software under the guise of cracked versions of popular software. In a malicious operation dubbed “gitgub,” specialists from the German company G DATA identified...
In 2023, GitHub users inadvertently disclosed approximately 12.8 million credentials and other confidential secrets across more than 3 million public repositories. Cybersecurity experts at GitGuardian, upon investigating this issue, dispatched 1.8 million cautionary emails...
Cybereason has identified a new malware variant named Snake, which proliferates through Facebook messages. This Python-written infostealer is designed to pilfer confidential user data. The stolen data are transmitted across various platforms, including Discord,...
