Fraudulent GitHub Pages impersonate trusted companies to trick Mac users into installing malware, leaving financial and personal data at risk

Atomic Stealer malware installs silently via fake GitHub Pages targeting Mac users. Attackers create multiple GitHub…

GitHub is finally tightening up security around npm following multiple attacks

GitHub will enforce 2FA and deprecate legacy tokens to improve package publishing security. Trusted Publishing will…

NPM packages from Nx targeted in latest worrying software supply chain attack

When a token with publishing rights was stolen, multiple poisoned Nx variants were released. The malware…

Chinese malware is flooding GitHub pages – HiddenGh0st, Winos and kkRAT hit devs via SEO poisoning

Chinese users are being targeted by malware campaigns using spoofed download sites and SEO poisoning. kkRAT…

GitHub supply chain attack sees thousands of tokens and secrets stolen in GhostAction campaign

GhostAction attack stole 3,325 secrets from 327 GitHub accounts. GitGuardian helped shut it down and alerted…

Hook v3 unleashes a shocking arsenal of ransomware overlays, fake banking prompts, spyware functions, and real-time device monitoring

Hook v3 uses fake Google Pay overlays to trick victims into surrendering sensitive card data. Real-time…
