GitHub has revolutionized the way developers collaborate, offering a space where anyone can share and contribute to open-source projects. However, this openness has also made it an attractive hunting ...

Cybercriminals are exploiting GitHub to spread credential-stealing malware through fake repositories, cybersecurity firm ...

The malware has been circulating across GitHub for at least two years, Kaspersky stressed, with targets and victims located ...

A malware campaign dubbed GitVenom uses hundreds of GitHub repositories to trick users into downloading info-stealers, remote ...

The GitVenom campaign targets developers—and once downloaded, can be used to deceive victims into transferring crypto.

The attack starts with seemingly legitimate GitHub projects — like making Telegram bots for managing bitcoin wallets or tools ...

Malicious actors are making hundreds of fake projects on GitHub aiming to snare private info through crypto and ...

On the developer platform GitHub, cybersecurity specialists have discovered an active campaign that has been targeting users' computers for several years in an attempt to steal their crypto assets.

A malware campaign in GitHub repositories is targeting bank data and Bitcoin wallets. The malicious code is often only ...

Cybersecurity firm Kaspersky has issued a warning about a widespread malware campaign targeting users on GitHub.

Also downloaded via the bogus GitHub projects are remote administration tools like AsyncRAT and Quasar RAT that can be used to commandeer infected hosts and a clipper malware that can substitute ...

In early 2025, cybersecurity experts uncovered a sophisticated campaign involving Lumma Stealer, an information-stealing ...