The Hacker News

Npm Package Targeting GitHub-Owned Repositories Flagged as Red Team Exercise

Cybersecurity researchers have discovered a malicious npm package named "@acitons/artifact" that typosquats the legitimate " ...
Dark Reading

Attackers Use Phony GitHub Pages to Deliver Mac Malware

An emerging threat campaign is using targeted SEO poisoning to hit Mac users with infostealers. According to LastPass blog post authors Alex Cox, Mike Kosak, and Stephanie Schneider, threat actors are ...
Dark Reading

Millions of Malicious Repositories Flood GitHub

Cyberattackers in just the last few months have registered more than 100,000 — but by some estimates more than a million — malicious copycat repositories on GitHub. The "repo confusion" scheme is ...