Geek-Guy.com

Tag: GitHub

Claude Code GitHub Actions Flaw Created Supply Chain Attack Risk

Organizations using Claude Code GitHub Actions should review their CI/CD environments after a researcher found vulnerabilities that could expose repositories to compromise and supply chain attacks. The flaws, which have since been patched, allowed attackers to bypass permission controls and inject untrusted input into trusted workflows. These vulnerabilities allow “… an attacker [to] bypass its…

Fake ChatGPT and Claude installers on GitHub are dropping Deno RAT malware

Attackers are hosting counterfeit installers and plugins on GitHub and SourceForge that pose as widely used software, including ChatGPT, Claude, AutoTune, Kontakt, Ableton Live, and ZENOLOGY. The downloads deliver a backdoor called DinDoor, which then loads a remote access Trojan built on the Deno JavaScript runtime, according to Malwarebytes. Compromised YouTube channels push victims toward…

GitHub Actions abused by Megalodon attack to slip malicious commits into 5,500 repos

A large-scale automated GitHub backdooring campaign was caught pushing thousands of malicious commits into public repositories while posing as routine CI/CD upkeep. Researchers at SafeDep observed the campaign, Megalodon, touching more than five thousand repositories over a six-hour window on May 18. The attack was in the form of a malicious commit, “acac5a9,” targeting GitHub…

GitHub admits major source code leak after 3,800 internal repositories breached

Microsoft’s GitHub has suffered what appears to be its biggest ever security breach after confirming that attackers exfiltrated code from around 3,800 of the company’s internal repositories. News of the incident first emerged on May 19, when GitHub said it was investigating “unauthorized access.” Hours later, the company’s X account confirmed the worst: “Yesterday we…

GitHub says internal repositories were taken in poisoned VS Code extension attack

GitHub said late Tuesday that internal repositories were exfiltrated after an employee device was compromised through a poisoned Visual Studio Code extension, an incident that underscores the growing risks facing software development platforms and the ecosystems built around third-party developer tools. The Microsoft-owned company said in posts on X that it detected and contained the…

A malicious VS Code extension just breached GitHub’s internal repositories

One employee installed a trojanized VS Code extension. Result: ~3,800 GitHub internal repositories exfiltrated. TeamPCP claims credit, wants $50K. There is something almost ironic about GitHub, the platform that hosts the code for most of the world’s software, getting breached through a trojanized plugin for a code editor. But that is exactly what happened, and…

GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories

GitHub on Tuesday said it’s investigating unauthorized access to its internal repositories after the notorious threat actor known as TeamPCP listed the platform’s source code and internal organizations for sale on a cybercrime forum. “While we currently have no evidence of impact to customer information stored outside of GitHub’s internal repositories (such as our customers’…

Contractor’s public GitHub account exposed GovCloud and CISA credentials

Until a few days ago, a publicly-accessible GitHub repository exposed credentials for both US government AWS accounts and internal Cybersecurity and Infrastructure Security Agency (CISA) systems. That’s according to cybersecurity reporter Brian Krebs, who first broke the news over the weekend, acting on a tip from researcher Guillaume Valadon at GitGuardian. Valadon confirmed the information…

CISA GitHub Leak Exposes AWS GovCloud Secrets

A public GitHub repository tied to a CISA contractor reportedly exposed sensitive AWS GovCloud credentials, plaintext passwords, and internal deployment files. Researchers said the exposure may have provided privileged access to multiple internal systems and cloud environments before the repository was removed. “Passwords stored in plain text in a csv, backups in git, explicit commands…

GitHub scales back bug bounties, reminds users security is their responsibility too

Faced with the growing volume of submissions to its bug bounty program, GitHub is replacing cash bounties with swag rewards for reports with low security impact — and asking researchers to stop submitting reports that are low quality or about things that aren’t its fault. The cloud-based code repository platform has seen a sharp increase…

Grafana confirms GitHub token breach cybercrime group claims the attack

Grafana confirmed a GitHub token breach that exposed source code, but said no customer data or systems were affected. Grafana Labs confirmed a security incident after the extortion group Coinbase Cartel listed it on a leak site and claimed data theft on May 15. The breach was triggered by a compromised token that gave attackers…

Attackers accessed, downloaded code from Grafana Labs’ GitHub

A threat actor has managed to access Grafana Labs’ GitHub environment and download the company’s codebase, the open-source observability and data visualization firm announced on Sunday. The breach is significant given Grafana Labs’ widespread use across enterprise engineering and DevOps teams worldwide. Grafana Labs is best known for its open-source dashboard and visualization platform, but…

Identity security firm SailPoint discloses GitHub repository breach

SailPoint disclosed a GitHub repository breach on April 20. The company contained the incident and said no customer data was affected. SailPoint is a cybersecurity company that provides identity security and identity governance solutions for enterprises. Its products help organizations manage and control user access to systems, applications, and sensitive data. SailPoint revealed a cybersecurity…

Visual Studio cloud agents now run inside GitHub Copilot

Microsoft’s April update to Visual Studio introduces cloud agent integration in GitHub Copilot, enabling developers to offload tasks to remote infrastructure for scalable, isolated execution. You can now start cloud agent sessions directly from Visual Studio. Custom agents now support user-level definitions that persist across projects, making it easier to reuse configurations. The update also…

Critical GitHub RCE bug exposed millions of repositories

A critical remote code execution (RCE) vulnerability in GitHub could potentially allow attackers to execute arbitrary code on GitHub.com and GitHub Enterprise Server. Uncovered by Wiz researchers, the now-patched bug exploited how GitHub handles server-side “git push” operations. By crafting malicious input within a standard Git push, an authenticated user could execute arbitrary commands via…

CVE-2026-3854 GitHub flaw enables remote code execution

Critical GitHub flaw CVE-2026-3854 lets attackers run code with a single git push, exploiting a command injection bug. Researchers found a critical vulnerability in GitHub, tracked as CVE-2026-3854, that allows remote code execution through a simple git push. The vulnerability affects GitHub Enterprise Cloud, GitHub Enterprise Cloud with Data Residency, GitHub Enterprise Cloud with Enterprise…

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

OpenAI revealed a GitHub Actions workflow used to sign its macOS apps, which downloaded the malicious Axios library on March 31, but noted that no user data or internal system was compromised. “Out of an abundance of caution, we are taking steps to protect the process that certifies our macOS applications are legitimate OpenAI apps,” OpenAI said in a…

Phishers sneak through using GitHub and Jira’s own mail delivery infrastructure

Attackers are abusing the notification systems of SaaS platforms like GitHub and Jira to send phishing and spam emails, Cisco Talos researchers are warning. “Because the emails are dispatched from the platform’s own infrastructure, they satisfy all standard authentication requirements (SPF, DKIM, and DMARC), effectively neutralizing the primary gatekeepers of modern email security,” they note.…

Attempts to Exploit Exposed “Vite” Installs (CVE-2025-30208), (Thu, Apr 2nd)

From its GitHub repo: “Vite (French word for “quick”, pronounced /vi?t/, like “veet”) is a new breed of frontend build tooling that significantly improves the frontend development experience” [https://github.com/vitejs/vite]. This environment introduces some neat and useful shortcuts to make developers’ lives simpler. But as so often, if exposed, these features can be turned against you.…

TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials

Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor known as TeamPCP, the cloud-native cybercriminal operation also behind the Trivy supply chain attack. The workflows, both maintained by the supply chain security company Checkmarx, are listed below – checkmarx/ast-github-action checkmarx/kics-github-action Cloud security

GitHub leans on hybrid detection model to expand vulnerability coverage

GitHub is expanding its application security capabilities with AI-powered security detections designed to identify risks earlier in the development process, with public preview planned for early Q2. The update is intended to improve code scanning, secret detection, and dependency analysis within repositories hosted on the platform. The company said the new detections are designed to…

Major tech companies invest $12.5 million in open source security

The Linux Foundation announced $12.5 million in grant funding backed by Anthropic, AWS, GitHub, Google, Google DeepMind, Microsoft, and OpenAI to strengthen open source security. The funding will be directed through the foundation’s Alpha-Omega Project and the Open Source Security Foundation (OpenSSF). The initiative aims to address long-standing gaps in how open source software is…

Linux Foundation secures $12.5 million to strengthen open source security and support maintainers

The Linux Foundation has announced a total of $12.5 million in grants from Anthropic, AWS, GitHub, Google, Google DeepMind, Microsoft, and OpenAI to strengthen the security of the open source software ecosystem. The funding will be managed by Alpha-Omega and the Open Source Security Foundation (OpenSSF), trusted security initiatives within the Linux Foundation, to support…

Massive GitHub malware operation spreads BoryptGrab stealer

Trend Micro found BoryptGrab stealer spreading through 100+ GitHub repositories, stealing browser data, crypto wallets, system information, and user files. Trend Micro uncovered a campaign distributing the BoryptGrab information stealer through more than 100 GitHub repositories. BoryptGrab is designed to collect browser and cryptocurrency wallet data, system details, and common files. Some variants also deploy…

RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN

A vulnerability in GitHub Codespaces could have been exploited by bad actors to seize control of repositories by injecting malicious Copilot instructions in a GitHub issue. The artificial intelligence (AI)-driven vulnerability has been codenamed RoguePilot by Orca Security. It has since been patched by Microsoft following responsible disclosure. “Attackers can craft hidden instructions inside a

GitHub enables multi-agent AI coding inside repository workflows

GitHub has expanded Agents HQ, enabling AI coding agents such as GitHub Copilot, Claude by Anthropic, and OpenAI Codex to execute development tasks directly within GitHub and developer editors while preserving repository context, session history, and review workflows. Copilot Pro+ and Copilot Enterprise developers can start agent sessions from GitHub, GitHub Mobile, and Visual Studio…