all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

More than 100,000 GitHub repositories found spreading malicious packages

Add to bookmarks
March 4, 2024, 2:53 p.m. | Alfonso Maruccia

TechSpot www.techspot.com


Security researchers at Apiiro have recently uncovered a malware-spreading campaign designed to exploit the capabilities of the GitHub platform. The attack, which started in May 2023 with "several" malicious packages uploaded to the Python Package Index (PyPI) official repository, was capable of impacting at least 100,000 GitHub repositories and "presumably" millions more.

Read Entire Article

apiiro attack campaign capabilities exploit found github github repositories malicious malicious packages malware may may 2023 millions official package packages platform pypi python python package python package index repositories repository researchers security security researchers uncovered

Visit resource

More from www.techspot.com / TechSpot

UK becomes first country to outlaw easily guessable default passwords on connected devices 18 hours ago | www.techspot.com
act and telecommunications article connected +17
WordPress plugin vulnerability poses severe security risk, allows for site takeovers 1 day, 13 hours ago | www.techspot.com
automatic compromised customers exploiting +17
FTC accuses Jeff Bezos and Amazon CEO Jassy of using auto-deleting messages to obstruct antitrust … 1 day, 14 hours ago | www.techspot.com
amazon antitrust app april +18
Millions of devices still vulnerable to abandoned USB worm, continues to spread globally 1 day, 14 hours ago | www.techspot.com
connected copy devices drive +11
FTC distributes $5.6 million in refunds to Ring customers from privacy settlement 2 days, 11 hours ago | www.techspot.com
access ai algorithms algorithms article +22
This genius tool ensures flawless thermal paste application every time 3 days, 13 hours ago | www.techspot.com
application big cpu pass +6
Police arrest high school athletic director for deepfaking principal's voice 4 days, 7 hours ago | www.techspot.com
administration arrest arrested board +19
Nearly all Chinese keyboard apps have encryption flaws, exposing millions of users to keylogging 4 days, 15 hours ago | www.techspot.com
apps article chinese cloud +19
Cybercriminals are using developing nations as test beds for ransomware attacks 4 days, 16 hours ago | www.techspot.com
agency america argentina ars technica +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Cloud Security Engineer

@ Gainwell Technologies | Any city, OR, US, 99999
View on infosec-jobs.com

Federal Workday Security Lead

@ Accenture Federal Services | Arlington, VA
View on infosec-jobs.com

Workplace Consultant

@ Solvinity | Den Bosch, Noord-Brabant, Nederland
View on infosec-jobs.com

SrMgr-Global Information Security - Security Risk Management

@ Marriott International | Bethesda, MD, United States
View on infosec-jobs.com

Sr. Security Engineer - Data Loss Prevention

@ Verisk | Jersey City, NJ, United States
View on infosec-jobs.com
View more jobs