Security researchers have discovered that the new SLUB backdoor is receiving attack commands from GitHub and relying on Slack for communicating with its attackers.
A new reverse proxy tool called Modlishka can easily automate phishing attacks and bypass two-factor authentication (2FA) — and it's available for download on GitHub.
Researchers observed a new threat actor known as Rocke leveraging a varied tool kit and multiple payloads to distribute cryptomining malware, including Monero miners.
A new zero-day vulnerability affecting Windows 7 through 10 was recently disclosed on Twitter. Within two days, security researchers spotted it in the wild.
While fraudsters have yet to master adversarial AI, the only way for the security community to get ahead of the emerging threat is through collaborative defense.
Three popular version control systems were found to contain vulnerabilities that could enable threat actors to steal source code.
Researchers have created a tool that uses Git repositories to demonstrate how Agile and other software development approaches could have security issues.
A recent phishing campaign targeted GitHub developers with Dimnie malware, which enables fraudsters to alter open source code packages.
A recent data breach at Uber may have been enabled by a security key stored on a public GitHub page, according to a lawsuit filed by Uber.