News

CSO Online9d
GitHub hit by a sophisticated malware campaign as ‘Banana Squad’ mimics popular repos
Attackers use typo-squatting, obfuscation, and fake accounts to slip Python-based malware into open-source projects, raising ...
Bleeping Computer26d
Hacker targets other hackers and gamers with backdoored GitHub code - BleepingComputer
A hacker targets other hackers, gamers, and researchers with exploits, bots, and game cheats in source code hosted on GitHub that contain hidden backdoors to give the threat actor remote access to ...
Wired2y
GitHub Moves to Guard Open Source Against Supply Chain Attacks
The popular Microsoft-owned code repository plans to roll out code signing, which will help beef up the security of open source projects. Skip to main content Open Navigation Menu ...
TechRepublic2y
350,000 open source projects at risk from Python vulnerability - TechRepublic
Working with GitHub, they found 2.87 million open-source files which contained Python’s tarfile module in about 588,000 unique repositories — 61% of which, or 350,000, were vulnerable to being ...
Computer Weekly2y
15-year-old Python bug present in 350,000 open source projects
Trellix is now working to push code via GitHub pull request to protect open source projects from CVE-2007-4559, and will be making available a free tool for developers to use to check if their ...