Microsoft-owned GitHub has updated its policies on sharing malware and exploits on the site to better support security researchers sharing so-called "dual-use" software – or software that can be used ...

Cybercriminals are exploiting GitHub to spread credential-stealing malware through fake repositories, cybersecurity firm Kaspersky has warned. The campaign, dubbed “GitVenom,” involves attackers ...

Researchers from Cisco’s Talos security team have uncovered a malware-as-a-service operator that used public GitHub accounts as a channel for distributing an assortment of malicious software to ...

Threat actors known as 'Stargazer Goblin' have created a malware Distribution-as-a-Service (DaaS) from over 3,000 fake accounts on GitHub that push information-stealing malware. The malware delivery ...

A threat actor known as "Stargazer Goblin" has found a new way to leverage GitHub to distribute malware and malicious links to unsuspecting users. Instead of hosting malware on GitHub and then luring ...

Threat actors are abusing GitHub automation features and malicious Visual Studio projects to push a new variant of the "Keyzetsu" clipboard-hijacking malware and steal cryptocurrency payments. The ...

The malware had already put millions of routers and IoT devices at risk, and now any noob can have at it. The BotenaGo botnet source code has been leaked to GitHub, putting millions of routers and ...

McAfee researchers find number of malicious GitHub repositories The repositories change every week, but always promise game ...

Kaspersky finds 15 malicious GitHub repositories posing as proof‑of‑concept exploits, some crafted with Gen AI Victims receive a ZIP with decoys and a dropper (rasmanesc.exe) that installs WebRAT ...

A new campaign exploiting GitHub to distribute malicious Python code disguised as legitimate hacking tools has been uncovered by cybersecurity researchers. The operation, tied to the group known as ...

The malware tricks IT personnel into downloading malicious GitHub Desktop installers with GPU-gated decryption targeting sensitive data across Windows and macOS environments. Security researchers at ...