#malicious-code

[ follow ]
#cybersecurity
Information security
fromITPro
4 months ago

'GitVenom' campaign uses dodgy GitHub repositories to spread malware

Security researchers warn of a campaign using GitHub to distribute malware through fake repositories.
Threat actors created over 200 repositories with malicious code, misleading README files, and diverse programming languages.
Information security
fromDeveloper Tech News
5 months ago

Matan Giladi, Apiiro: Guarding your code against malicious patterns

Malicious code remains a significant threat, highlighting the need for better security tools in software supply chains.
Apiiro has introduced open-source tools to enhance security against malicious code attacks.
Artificial intelligence
fromWIRED
2 months ago

AI Code Hallucinations Increase the Risk of 'Package Confusion' Attacks

AI-generated code often references non-existent third-party libraries, posing risks for supply-chain attacks.
Information security
fromMashable ME
6 months ago

Hackers take over Google Chrome extensions in cyberattack

Hackers compromised multiple Chrome extensions to steal sensitive user data through a phishing attack on developers during the Christmas season.
Information security
fromITPro
4 months ago

'GitVenom' campaign uses dodgy GitHub repositories to spread malware

Security researchers warn of a campaign using GitHub to distribute malware through fake repositories.
Threat actors created over 200 repositories with malicious code, misleading README files, and diverse programming languages.
Information security
fromDeveloper Tech News
5 months ago

Matan Giladi, Apiiro: Guarding your code against malicious patterns

Malicious code remains a significant threat, highlighting the need for better security tools in software supply chains.
Apiiro has introduced open-source tools to enhance security against malicious code attacks.
Artificial intelligence
fromWIRED
2 months ago

AI Code Hallucinations Increase the Risk of 'Package Confusion' Attacks

AI-generated code often references non-existent third-party libraries, posing risks for supply-chain attacks.
Information security
fromMashable ME
6 months ago

Hackers take over Google Chrome extensions in cyberattack

Hackers compromised multiple Chrome extensions to steal sensitive user data through a phishing attack on developers during the Christmas season.
fromTheregister
1 week ago

Stopping the rot when good software goes bad means new rules

In the history of art, tools assisted users in their creative endeavors, but contemporary software can now act maliciously against user intentions. A Chrome extension color picker exhibited deceptive behavior, transmitting data despite its initial benign appearance, highlighting the vulnerability of software updates and the difficulty in ensuring ongoing integrity without thorough verification processes.”},{
Privacy technologies
DevOps
fromInfoQ
3 months ago

Compromised GitHub Action Highlights Risks in CI/CD Supply Chains

A popular GitHub Action was compromised, exposing critical security weaknesses in the CI/CD pipeline of open-source Actions.
[ Load more ]