-
Attackers have weaponized a malicious fork of the legitimate Triton macOS client for omg.lol, turning a trusted open-source project into a delivery channel for Windows malware hosted on GitHub. The campaign abuses GitHub’s forking model, misleading REA…
-
Lazarus Group’s latest software supply chain operation is using fake recruiter lures and popular open‑source ecosystems to deliver malware to cryptocurrency‑focused developers quietly. The campaign, dubbed graphalgo, abuses GitHub, npm, and PyPI to hid…
-
RU-APT-ChainReaver-L Hijacks Trusted Sites and GitHub in Sweeping Cross-Platform Supply Chain Attack

A newly exposed advanced persistent threat (APT) campaign, tracked as RU-APT-ChainReaver-L, is hijacking trusted file-hosting sites and long-standing GitHub accounts to deliver stealthy malware to Windows, macOS, and iOS users at scale. The campaign ab…
-
Bitdefender Labs reveals that 17% of OpenClaw AI skills analyzed in February 2026 are malicious. With over 160,000…
-
Threat actors have successfully exploited a design flaw in GitHub’s fork architecture to distribute malware disguised as the legitimate GitHub Desktop installer. The attack chain begins with a deceptively simple but effective technique. Attackers…
-
Cybersecurity firm Ontinue reveals how the open-source tool Nezha is being used as a Remote Access Trojan (RAT) to bypass security and control servers globally.
-
A GitHub repository posing as a vulnerability scanner for CVE-2025-55182, also referred to as “React2Shell,” was exposed as…
-
GitLab’s security team has discovered a severe, ongoing attack spreading dangerous malware through npm, the world’s most extensive code library. The malware uses an alarming “dead man’s switch,” a self-destruct trigger tha…
-
A sophisticated supply chain attack has compromised hundreds of npm packages and exposed secrets from tens of thousands of GitHub repositories, with cybersecurity researchers now documenting how attackers weaponized GitHub Actions workflows to bootstra…
-
On Friday, November 7th, Veracode Threat Research discovered a dangerous typosquatting campaign targeting developers using GitHub Actions. The malicious npm package “@acitons/artifact” had accumulated over 206,000 downloads before being rem…

