GitHub notifications abused to impersonate Y Combinator for crypto theft

A massive phishing campaign targeted GitHub users with cryptocurrency drainers, delivered via fake invitations to the Y ...
SecurityWeek

GitHub Boosting Security in Response to NPM Supply Chain Attacks

In the light of recent supply chain attacks targeting the NPM ecosystem, GitHub will implement tighter authentication and ...
CSO Online

Macs go phishing as GitHub impostors drop Atomic stealer

OS users are being tricked in the ongoing campaign with fake GitHub pages that deliver the Atomic infostealer.

LastPass Warns Of GitHub Scam Infecting Macs

Cybercriminals are stepping up their attacks on Mac users, using fake GitHub repositories to spread malware disguised as ...
DataBreachToday

OpenAI Fixes Gmail Data Flaw in ChatGPT Agent

OpenAI patched a flaw in ChatGPT's Deep Research agent that could have enabled hackers to extract Gmail data without the user ...
Cyber Daily

GitHub to address npm supply chain as CISA warns of spreading Shai-Hulud worm

Popular code repository GitHub is taking action against hackers targeting popular JavaScript code packages to spread malware.

UXLink hack shows risks of centralized control in DeFi projects

FearsOff CEO Marwan Hachem told Cointelegraph that timelocks, hardcoded caps and better audits could have prevented the ...

GitHub is finally tightening up security around npm following multiple attacks

Furthermore, GitHub announced it would deprecate legacy classic tokens, as well as time-based one-time password (TOTP) 2FA, ...