Infosecurity-magazine.com

Malicious Actors Exploit GitHub to Distribute Fake Exploits

A series of malicious GitHub repositories masquerading as legitimate security research projects have been discovered. VulnCheck researcher Jacob Baines shared the findings in a new advisory published ...
Bleeping Computer

Fake LDAPNightmware exploit on GitHub spreads infostealer malware

A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 (aka "LDAPNightmare") on GitHub infects users with infostealer malware that exfiltrates sensitive data to an external FTP server. The ...
Bleeping Computer

WebRAT malware spread via fake vulnerability exploits on GitHub

The WebRAT malware is now being distributed through GitHub repositories that claim to host proof-of-concept exploits for recently disclosed vulnerabilities. Previously spread through pirated software ...
Hosted on MSN

Chrome Exploit CVE-2025-10585 Could Drain Your Crypto: How to Stay Protected

Update Chromium-based browsers to the patched Chrome/Edge/Opera builds and relaunch them. A non-updated browser stays vulnerable. The fastest path to a “drain” is you signing bad approvals. Treat ...
CSOonline

Webrat turns GitHub PoCs into a malware trap

Security professionals hunting PoCs and exploit code on GitHub might soon walk into a trap, as attackers redirect a known RAT toward them. Researchers have uncovered a stealthy campaign in which the ...
CSOonline

Attackers set up rogue GitHub repos with malware posing as zero-day exploits

In an unusual attack campaign, a hacker has been setting up rogue GitHub repositories that claim to host zero-day exploits for popular applications but which instead deliver malware. The attacker also ...
Infosecurity-magazine.com

Malware-as-a-Service Campaign Exploits GitHub to Deliver Payloads

A new malware distribution campaign leveraging public GitHub repositories as a delivery infrastructure for various malicious payloads has been uncovered by security researchers from Cisco Talos. The ...