GraphAlgo Scam: Lazarus Hackers Register Real US LLCs to Spread Malware
ReversingLabs has discovered a fresh wave of the graphalgo campaign in which North Korean Lazarus hackers are using fake Florida LLCs, mimicking SWFT Blockch...
GitHub
20 articles
Hackers Exploit GitHub Copilot Flaw to Exfiltrate Sensitive Data
A high-severity flaw in GitHub Copilot Chat recently allowed attackers to silently steal sensitive data like API keys and private source code. Tracked as CVE...
GitHub, GitLab Abused for Malware and Phishing Campaigns
Hackers are increasingly abusing trusted software development platforms GitHub and GitLab to host malware and credential phishing campaigns, making defensive...
GlassWorm Trojan Hits VS Code, Cursor, Windsurf via OpenVSX Extension
A newly discovered supply chain attack is spreading the GlassWorm malware across multiple developer environments by abusing the OpenVSX extension marketplace...
Claude Code Leak Exploited to Spread Vidar and GhostSocks via GitHub Releases
Hackers are turning the Claude Code source leak into an active malware-delivery channel, using GitHub Releases to push the Vidar stealer and GhostSocks under...
GitHub Copilot CLI gets a second-opinion feature built on cross-model review
Coding agents make decisions in sequence: a plan is drafted, implemented, then tested. Any error introduced early compounds as subsequent steps build on the ...
Phishing LNK files and GitHub C2 power new DPRK cyber attacks
DPRK-linked hackers use GitHub C2s, starting attacks via phishing LNK files that drop a PDF and PowerShell script in South Korea. North Korea-linked threat a...
Fake GitHub CI Update Steals Secrets and Tokens
An automated campaign abusing GitHub’s pull_request_target workflow trigger to steal CI/CD secrets at scale. The attacker, using the handle ezmtebo, fired of...
North Korean Hackers Abuse GitHub to Spy on South Korean Firms
Researchers from FortiGuard Labs have uncovered a high-severity spying campaign targeting South Korean companies.
Claude Code leak used to push infostealer malware on GitHub
Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar information-stealing malware. [.
Attempts to Exploit Exposed "Vite" Installs (CVE-2025-30208), (Thu, Apr 2nd)
From its GitHub repo: "Vite (French word for "quick", pronounced /vi?t/, like "veet") is a new breed of frontend build tooling that significantly improves th...
GitHub Used as Covert Channel in Multi-Stage Malware Campaign
LNK files use GitHub C2, embedded decoders and PowerShell for persistence and data exfiltration
OpenAI fixes Codex flaw that could lead to GitHub token theft
A command injection hidden in a branch name could cause an OAuth token to be exfiltrated.
Intel puts its data center performance knowledge on GitHub
Intel engineers have published a centralized repository of data center performance knowledge on GitHub, giving practitioners direct access to tuning guides, ...
Critical Vulnerability in OpenAI Codex Allowed GitHub Token Compromise
Researchers found an OpenAI Codex vulnerability that could have been exploited to compromise GitHub tokens. The post Critical Vulnerability in OpenAI Codex A...
OpenAI Codex Vulnerability Allowed Attackers to Steal GitHub Tokens
OpenAI Codex vulnerability allowed attackers to steal GitHub tokens via malicious branch names using hidden Unicode command injection flaw.
The State of Secrets Sprawl 2026: 9 Takeaways for CISOs
Secrets sprawl isn't slowing down: in 2025, it accelerated faster than most security teams anticipated. GitGuardian's State of Secrets Sprawl 2026 report ana...
Telnyx Python SDK Backdoored on PyPI to Steal Cloud Credentials
The popular Telnyx Python SDK on PyPI to deploy a multi‑stage credential‑stealing operation that targets cloud infrastructure, Kubernetes clusters, and devel...
Fake VS Code alerts on GitHub spread malware to developers
A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the Discussions section of various ...
AI frenzy feeds credential chaos, secrets spread through code, tools, and infrastructure
Code keeps moving through pipelines, and credentials continue to surface alongside it. GitGuardian’s State of Secrets Sprawl 2026 puts the count at 28.