Kaspersky warns of malware-ridden GitHub projects: how hackers are stealing credentials

Cybercriminals are exploiting GitHub to spread credential-stealing malware through fake repositories, cybersecurity firm ...
Cybernews

Target source code for sale on dark web as employees confirm it’s authentic

Hackers have published what appears to be a sample of stolen repositories on Gitea, a public software development platform, ...

Target's dev server offline after hackers claim to steal source code

Hackers are claiming to be selling internal source code belonging to Target Corporation, after publishing what appears to be ...
SecurityWeek

North Korean Hackers Target macOS Developers via Malicious VS Code Projects

North Korean hackers target macOS developers with malware hidden in Visual Studio Code task configuration files.
The Hacker News

AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks

A misconfigured AWS CodeBuild webhook allowed bypass of actor ID checks, risking takeover of four AWS GitHub repositories ...
Business Insider

Hackers Are Using Fake GitHub Code to Steal Your Bitcoin: Kaspersky

The GitHub code you use to build a trendy application or patch existing bugs might just be used to steal your bitcoin (BTC) or other crypto holdings, according to a Kaspersky report. GitHub is popular ...
KXAN

New Vulnerability in GitHub Copilot and Cursor: How Hackers Can Weaponize Code Agents Through Compromised Rule Files

TEL AVIV, Israel, March 18, 2025 (GLOBE NEWSWIRE) -- Pillar Security, a pioneering company in AI security, discovered a significant vulnerability affecting GitHub Copilot and Cursor - the world's ...
InfoWorld

Thousands of open source projects at risk from hack of GitHub Actions tool

App development teams who use a popular utility in the GitHub Actions continuous integration and continuous delivery/deployment (CI/CD) platform need to scrub their code because the tool was ...

Hackers exploit security testing apps to breach Fortune 500 firms

Threat actors are exploiting misconfigured web applications used for security training and internal penetration testing, such ...
The Hacker News

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

North Korean hackers abuse Visual Studio Code task files in fake job projects to deploy backdoors, spyware, and crypto miners ...