News
Bad actors are using GitHub's repository structure and paid Google Ads placements to trick EU IT users into downloading a unique malware dubbed "GPUGate" that includes new hardware-specific evasion ...
From March to June 2025, a cyber attacker was able to snoop around in Salesloft's GitHub account. This resulted in the theft ...
The malware tricks IT personnel into downloading malicious GitHub Desktop installers with GPU-gated decryption targeting ...
14hon MSN
GitHub supply chain attack sees thousands of tokens and secrets stolen in GhostAction campaign
Thousands of secrets such as PyPI and AWS keys, GitHub tokens, and more, were stolen recently during a supply-chain attack ...
At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved ...
Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely to ...
A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, ...
Most Android devices default to the Google Play Store for downloading and installing apps, but it's far from the only place ...
The breach, now known to have begun in March, raises questions about why it took six months for Salesloft to detect the ...
GPUGate malware uses Google Ads and fake GitHub commits to steal data from IT firms since Dec 2024, bypassing sandboxes and GPU-lacking systems.
A supply chain attack involving malicious GitHub Action workflows has impacted hundreds of repositories and thousands of ...
Threat actors had access to Salesloft’s GitHub account between March and June 2025 and performed reconnaissance.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback