Threat Post

Breached Credentials Used to Access Github Repositories

Password reuse strikes GitHub users, some of whom will have to reset their credentials after unauthorized attempts were made to access a large number of GitHub accounts. Github is forcing a password ...
Infosecurity-magazine.com

GitHub Rotates Credentials and Patches New Bug

GitHub has revealed that service disruption in December was due to it rotating credentials after the discovery of a high-severity bug, and warned that some customers may need to take additional action ...
ExtremeTech

Git Tools Patched to Address Credential Vulnerabilities: Update Now

Two recent security issues with Git and its related tools have been fixed, so users should update their software. The vulnerabilities, CVE-2024-53263 and CVE-2024-53858, involve issues with credential ...
Bleeping Computer

DeepSource resets logins after employee falls for Sawfish phishing

GitHub notified DeepSource earlier this month of detecting malicious activity related to the startup's GitHub app after one of their employees fell victim to the Sawfish phishing campaign. DeepSource ...

PhantomRaven attack floods npm with credential-stealing packages

An active campaign named 'PhantomRaven' is targeting developers with dozens of malicious npm packages that steal ...
Hosted on MSN

Kaspersky warns of malware-ridden GitHub projects: how hackers are stealing credentials

Cybercriminals are exploiting GitHub to spread credential-stealing malware through fake repositories, cybersecurity firm Kaspersky has warned. The campaign, dubbed “GitVenom,” involves attackers ...