SecurityWeek

GlassWorm Malware Returns to Open VSX, Emerges on GitHub

The GlassWorm malware has reared its ugly head again in the Open VSX registry, roughly two weeks after being removed.
Wired

A Hacker ‘Ghost’ Network Is Quietly Spreading Malware on GitHub

A secretive network of around 3,000 “ghost” accounts on GitHub has quietly been manipulating pages on the code-hosting website to promote malware and phishing links, according to new research seen by ...
Ars Technica

GitHub besieged by millions of malicious repositories in ongoing attack

GitHub is struggling to contain an ongoing attack that’s flooding the site with millions of code repositories. These repositories contain obfuscated malware that steals passwords and cryptocurrency ...
Bleeping Computer

Some GitHub Downloads Blocked in Chrome and Firefox Due to Safe Browsing Warning

UPDATE: After eight hours, the issue is now fixed. Original article below. Safe Browsing errors shown in Google Chrome and Firefox are blocking users from downloading binary files from GitHub. The ...
Bleeping Computer

GitHub-hosted malware calculates Cobalt Strike payload from Imgur pic

A new strand of malware uses Word files with macros to download a PowerShell script from GitHub. This PowerShell script further downloads a legitimate image file from image hosting service Imgur to ...