At least 26 different open-source code repositories were found to be infected with an unusual attack on the open-source software supply chain. Continue reading Octopus Scanner Sinks Tentacles into GitHub Repositories
By Sudais Asif
Hackers are remotely stealing cryptocurrencies using bots on Github.
This is a post from HackRead.com Read the original post: Hackers use Github bot to steal $1,200 in ETH within 100 seconds
Continue reading Hackers use Github bot to steal $1,200 in ETH within 100 seconds
GitHub has uncovered a form of malware that spreads via infected repositories on its system. Continue reading Github uncovers malicious ‘Octopus Scanner’ targeting developers
For GitHub, not all reports about malicious software on its platform are of equal importance. The company behind the popular software repository, where developers often share code rather than building it from scratch, revealed this week that attackers were trying to exploit the open-source nature of the site to distribute malware. A hacking tool was designed to spread through software projects, then leave a “backdoor” that could offer hackers persistent access to the software. By infiltrating open-source software, hackers could have given themselves a foothold in code that was later included in corporate apps or websites. Open-source websites continue to represent valuable targets for hackers hoping that technology companies will adopt compromised tools to build their own software. (GitHub claims the site has tens of millions of users.) In this case, the malicious code — which spread to 26 different GitHub projects — is an example of the potentially insidious nature of open-source supply chain compromises. Dubbed Octopus Scanner, […]
The post How GitHub untangled itself from the ‘Octopus’ malware that infected 26 software projects appeared first on CyberScoop.
In the late 1970s and early 1980s, if you had a personal computer there was a fair chance it either booted into some version of Microsoft Basic or you could load and run Basic. There were other versions, of course, especially for very small computers, but the gold standard for …read more
I have a codebase that I’ve been keeping on Github that I don’t want to worry about losing. I’ve intermittently backed up all the repos to an S3 instance, but this doesn’t feel secure. If my Github and AWS accounts, or just my machine, wer… Continue reading Solutions for backing-up my codebase
Microsoft is open-sourcing its Fluid Framework on GitHub, and launching the first way for end users to use the new framework in Microsoft 365 with Fluid Workspaces and Components.
The post Microsoft Open-Sources Fluid Framework, Launches Preview for O… Continue reading Microsoft Open-Sources Fluid Framework, Launches Preview for Outlook and Office Online
The rise of GitOps comes from the industry’s increased adoption of Kubernetes. As organizations and teams shift towards Kubernetes, scaling their cluster management practices becomes imperative as teams and workloads grow in size. This is where G… Continue reading How GitOps Raises the Stakes for Application Security
Dshell is a network forensics tool that extracts data from network traffic, either from a pcap or live from a network interface.
You can us Git or Subversion to install the tool.
[root@legolas opt]# git clone https://github.com/USArmyResearchLab/Dshe… Continue reading Quick Tip #4 – Dshell
The Shiny Hunters hacking group said it stole 500 GB of data from the tech giant’s repositories on the developer platform, which it owns. Continue reading Report: Microsoft’s GitHub Account Gets Hacked