all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

GitLab affected by GitHub-style CDN flaw allowing malware hosting

Add to bookmarks
April 22, 2024, 3:05 p.m. | Ax Sharma

BleepingComputer www.bleepingcomputer.com

BleepingComputer recently reported how a GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with Microsoft repositories, making the files appear trustworthy. It turns out, GitLab is also affected by this issue and could be abused in a similar fashion. [...]

bleepingcomputer cdn decision design fashion files flaw github gitlab hosting issue making malware microsoft repositories security threat threat actors urls

Visit resource

More from www.bleepingcomputer.com / BleepingComputer

NSA warns of North Korean hackers exploiting weak DMARC email policies an hour ago | www.bleepingcomputer.com
apt43 attacks authentication dmarc +19
Google rolls back reCaptcha update to fix Firefox issues 3 hours ago | www.bleepingcomputer.com
back bug captcha firefox +11
NATO and EU condemn Russia's cyberattacks against Germany, Czechia 5 hours ago | www.bleepingcomputer.com
apt28 campaign countries cyber +14
Microsoft rolls out passkey auth for personal Microsoft accounts 5 hours ago | www.bleepingcomputer.com
accounts auth authenticate biometric +20
CEO who sold fake Cisco devices to US military gets 6 years in prison 22 hours ago | www.bleepingcomputer.com
ceo cisco companies counterfeit +14
Bitwarden launches new MFA Authenticator app for iOS, Android 1 day ago | www.bleepingcomputer.com
android android devices app authenticator +12
CISA urges software devs to weed out path traversal vulnerabilities 1 day, 1 hour ago | www.bleepingcomputer.com
cisa companies fbi path +9
Police shuts down 12 fraud call centres, arrests 21 suspects 1 day, 2 hours ago | www.bleepingcomputer.com
albania arrests bosnia bosnia and herzegovina +17
Microsoft warns of "Dirty Stream" attack impacting Android apps 1 day, 4 hours ago | www.bleepingcomputer.com
android android apps application apps +17

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Financial Crimes Compliance - Senior - Consulting - Location Open

@ EY | New York City, US, 10001-8604
View on infosec-jobs.com

Software Engineer - Cloud Security

@ Neo4j | Malmö
View on infosec-jobs.com

Security Consultant

@ LRQA | Singapore, Singapore, SG, 119963
View on infosec-jobs.com

Identity Governance Consultant

@ Allianz | Sydney, NSW, AU, 2000
View on infosec-jobs.com

Educator, Cybersecurity

@ Brain Station | Toronto
View on infosec-jobs.com

Principal Security Engineer

@ Hippocratic AI | Palo Alto
View on infosec-jobs.com
View more jobs