all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Beware: GitHub's Fake Popularity Scam Tricking Developers into Downloading Malware

Add to bookmarks
April 10, 2024, 12:38 p.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

Threat actors are now taking advantage of GitHub's search functionality to trick unsuspecting users looking for popular repositories into downloading spurious counterparts that serve malware.
The latest assault on the open-source software supply chain involves concealing malicious code within Microsoft Visual Code project files that's designed to download next-stage payloads from a remote URL,

assault code developers download fake files github latest malicious malware microsoft next open-source software payloads popular project repositories scam search software software supply chain stage supply supply chain threat threat actors visual code

Visit resource

More from thehackernews.com / The Hacker News

Android Malware Wpeeper Uses Compromised WordPress Sites to Hide C2 Servers 54 minutes ago | thehackernews.com
android android devices android malware binary +21
Everyone's an Expert: How to Empower Your Employees for Cybersecurity Success 3 hours ago | thehackernews.com
course cybersecurity decision employees +8
ZLoader Malware Evolves with Anti-Analysis Trick from Zeus Banking Trojan 4 hours ago | thehackernews.com
analysis anti-analysis authors banking +14
Ex-NSA Employee Sentenced to 22 Years for Trying to Sell U.S. Secrets to Russia 8 hours ago | thehackernews.com
agency classified defense documents +17
Millions of Malicious 'Imageless' Containers Planted on Docker Hub Over 5 Years 1 day ago | thehackernews.com
attacks campaigns containers cybersecurity +10
U.S. Government Releases New AI Security Guidelines for Critical Infrastructure 1 day, 3 hours ago | thehackernews.com
address ai risks ai security artificial +16
Considerations for Operational Technology Cybersecurity 1 day, 4 hours ago | thehackernews.com
change control cybersecurity devices +18
New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024 1 day, 8 hours ago | thehackernews.com
act and telecommunications april bans +23
Google Prevented 2.28 Million Malicious Apps from Reaching Play Store in 2023 1 day, 21 hours ago | thehackernews.com
access accounts address android +20

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Information Security Cyber Risk Analyst

@ Intel | USA - AZ - Chandler
View on infosec-jobs.com

Senior Cloud Security Engineer (Fullstack)

@ Grab | Petaling Jaya, Malaysia
View on infosec-jobs.com

Principal Product Security Engineer

@ Oracle | United States
View on infosec-jobs.com

Cybersecurity Strategy Director

@ Proofpoint | Sunnyvale, CA
View on infosec-jobs.com

Information Security Consultant/Auditor

@ Devoteam | Lisboa, Portugal
View on infosec-jobs.com

IT Security Engineer til Netcompany IT Services

@ Netcompany | Copenhagen, Denmark
View on infosec-jobs.com
View more jobs