Bleeping Computer

Malicious Visual Studio projects on GitHub push Keyzetsu malware

Threat actors are abusing GitHub automation features and malicious Visual Studio projects to push a new variant of the "Keyzetsu" clipboard-hijacking malware and steal cryptocurrency payments. The ...
ZDNet

GitHub security alerts now support PHP projects

Since the Dependency Graph feature is intertwined with the Security Alerts (Vulnerability Alerts) feature, this also means GitHub users will also be eligible to receive automatic security alerts for ...
Ars Technica

GitHub abused to distribute payloads on behalf of malware-as-a-service

Researchers from Cisco’s Talos security team have uncovered a malware-as-a-service operator that used public GitHub accounts as a channel for distributing an assortment of malicious software to ...
Dark Reading

GitHub Attack Vector Cracks Open Google, Microsoft, AWS Projects

Researchers have uncovered an attack vector that affected GitHub open source projects owned by Google, Microsoft, Amazon Web Services, and others, executed by abusing artifacts generated as part of ...
CSOonline

15 open source GitHub projects for security pros

GitHub has a ton of open source options for security professionals, with new entries every day. Add these tools to your collection and work smarter. Whether you are a sysadmin, a threat intel analyst, ...
Bleeping Computer

GitHub Security Alerts Now Support Python Projects

GitHub has updated its security alerts feature this week to support Python projects, after previously supporting JavaScript and Ruby. The feature, which launched last November, works by analyzing a ...