-
McAfee’s Threat Research team recently uncovered a sophisticated new Astaroth campaign that represents a significant evolution in malware infrastructure tactics. This latest variant has abandoned traditional command-and-control (C2) server depend…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
GitLab has issued a critical security update to address several denial-of-service (DoS) vulnerabilities affecting both Community Edition (CE) and Enterprise Edition (EE). Self-managed installations should upgrade immediately to versions 18.4.2, 18.3.4,…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hosted at the repository “Huckel789/Android-RAT,” this fully undetectable (FUD) RAT is designed to evade antivirus detection permanently, maintain persistence in battery-optimized environments, and deliver a feature-rich command-and-control (C2C) exper…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A recent wave of sophisticated phishing attacks has targeted developers and startups by impersonating Y Combinator through GitHub notifications. Victims are being tricked into believing they’ve been selected for startup funding, only to face fina…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A large-scale campaign targeting Mac users is leveraging fake GitHub pages to distribute information-stealing malware disguised as popular legitimate applications. Among the impersonated software are Malwarebytes for Mac, LastPass, Citibank, SentinelOn…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Open source software powers much of today’s technology, enabling developers around the world to build and share tools, libraries, and applications. However, the same openness that drives innovation also presents serious security challenges. Attackers r…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers have uncovered a new phishing campaign that exploits GitHub’s official notification system to deliver malicious links and credential-stealing payloads. By capitalizing on the trust that open-source contributors place in GitHub…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated malware campaign is targeting Mac users through fraudulent GitHub repositories that masquerade as legitimate software downloads, with threat actors exploiting search engine optimization tactics to deliver malicious links directly to uns…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The developers behind the PureHVNC remote access trojan (RAT) have been uncovered using GitHub repositories to host critical components and plugin source code for their Pure malware family. Check Point Research’s recent forensic analysis of an eight-da…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated malvertising campaign has been uncovered targeting unsuspecting users through “dangling commits” in a legitimate GitHub repository. Attackers are injecting promotional content for a counterfeit GitHub Desktop installer into popular deve…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
