#github-compromise

[ follow ]
#credential-theft #oauth-token-theft #supply-chain-attacks #vs-code-extensions #open-source-security
#supply-chain-attacks
fromTechCrunch
1 week ago
Information security

Hackers have compromised dozens of popular open source packages in an ongoing supply chain attack | TechCrunch

Information security
fromTechCrunch
1 week ago

Hackers have compromised dozens of popular open source packages in an ongoing supply chain attack | TechCrunch

Hackers compromised open source project accounts and released malicious updates to steal credentials and spread malware to downstream users.
Information security
fromThe Hacker News
1 week ago

Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer

A compromised Nx Console VS Code extension silently installs a credential-stealing payload via an orphan commit, exfiltrating secrets and adding a macOS backdoor.
more#supply-chain-attacks
Information security
fromSecurityWeek
1 week ago

Grafana Confirms Breach After Hackers Claim They Stole Data

A compromised GitHub token enabled attackers to download Grafana’s codebase, demand ransom, and threaten leaks, but no customer data was taken and systems were unaffected.
Information security
fromSecurityWeek
2 months ago

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Threat actors exploited stolen VS Code credentials to compromise GitHub accounts and inject malware into Python repositories through a technique called ForceMemo that leaves minimal forensic traces.
Information security
fromIT Pro
6 months ago

Shai-Hulud malware is back with a vengeance and hit more than 19,000 GitHub repositories so far - here's what developers need to know

Shai-Hulud worm infects npm packages, compromising ~700 packages and over 19,000 GitHub repositories to exfiltrate credentials, spread malicious payloads, and delete user files.
fromInfoWorld
6 months ago

How GlassWorm wormed its way back into developers' code - and what it says about open source security

Just a little over two weeks after GlassWorm was declared "fully contained and closed" by the open source OpenVSX project, the self-propagating worm is once again targeting Visual Studio Code extensions, add-ons that enhance open source VS Code, providing new features, debuggers, and other tools to improve developer workflows. Researchers from Koi have discovered a new wave of infections and three more compromised extensions.
Information security
#oauth-token-theft
fromIT Pro
8 months ago
Information security

Salesloft Drift hackers had access to company GitHub account for months before attacks

fromIT Pro
8 months ago
Information security

Salesloft Drift hackers had access to company GitHub account for months before attacks

more#oauth-token-theft
fromTheregister
8 months ago

Drift attackers gained entry via a Salesloft GitHub account

The Salesloft Drift breach that compromised "hundreds" of companies including Google, Palo Alto Networks, and Cloudflare, all started with miscreants gaining access to the Salesloft GitHub account in March. This new information comes from a Saturday update into the Mandiant-led investigation - Salesloft hired the incident response firm to determine the root cause and scope of the incident - and a Sunday alert that the integration between Salesloft and Salesforce has now been restored.
Information security
[ Load more ]