Skip to main content
FreeIntelHub
Feed Threat Feed Search Trending
Intelligence CVE Priority Vulnerability IOC Lookup IOC Feed YARA Rules Phishing Lookup Exploit Lookup Pastes Dark Web
Adversaries Threat Groups Software Campaigns
Explore Dashboard Geo Map Heatmap MITRE ATT&CK
Browse Sources Vendors Categories Sectors
RSS API
FreeIntelHub
/
Sign In

GitHub

20 articles

GBHackers Campaigns GitHub Jun 17

Modular Phishing Kit Uses GitHub Pages to Steal Payment Card Details and Passwords

A sophisticated, long-running phishing operation has evolved into a serverless, modular campaign that weaponizes GitHub Pages to harvest payment card data, c...

T1566

GBHackers →

GBHackers CVE GitHub Jun 17

Critical LiteLLM Flaw Allows Authentication Bypass via Host Header Injection

A critical security vulnerability tracked as CVE-2026-49468 has been disclosed in the LiteLLM framework, exposing deployments to authentication bypass attack...

T1556 1 IOC

GBHackers →

Help Net Security General GitHub Jun 15

1Password Credential Broker reduces secret sprawl through identity-based credential delivery

1Password has announced 1Password Credential Broker, a new product that securely brokers credentials, tokens, and federated access from 1Password to trusted ...

Help Net Security →

GBHackers Vulnerability Disclosure GitHub Jun 15

Critical Wazuh Flaw Enables Threat Actors to Alter Alerts and Remove Logs

A critical security flaw in Wazuh Manager could allow unauthenticated threat actors to tamper with alerts, delete forensic evidence, and execute arbitrary Op...

GBHackers →

BleepingComputer Data Breach GitHub Jun 12

Early Warning Signs of Supply-Chain Attacks Live in the Dark Web

GitHub access sales, leaked repositories, and stolen API keys can all become supply-chain attack footholds. Flare explores how underground forums expose earl...

T1598

BleepingComputer →

Infosecurity Magazine Supply Chain GitHub Jun 12

GitHub to Update npm to Thwart Software Supply Chain Attacks

NPM, part of GitHub, announced a new version of the npm package manager with several security improvements, including disabling install scripts

T1195

Infosecurity Magazine →

GBHackers Supply Chain GitHub Jun 11

GitHub Introduces Automatic Controls to Prevent Malicious npm Install Scripts

GitHub has announced a major security-focused overhaul of npm with the upcoming release of npm v12, introducing stricter default controls designed to mitigat...

T1195 T1598

GBHackers →

The Hacker News TTPs GitHub Jun 11

GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks

GitHub has announced what it said are "breaking changes" coming to npm version 12, one of which turns off install scripts by default to combat software suppl...

T1195

The Hacker News →

CSO Online General GitHub Jun 11

GitHub finally pulls the plug on automatic install script execution for npm

The ability for attackers to leverage automatic install script execution in npm will finally come to an end when expected changes arrive from GitHub in July....

T1059

CSO Online →

BleepingComputer Data Breach GitHub Jun 10

The ‘Miasma’ worm source code briefly leaked on GitHub

The Miasma credential-stealing attack framework, which has recently targeted open-source ecosystems through supply-chain attacks, was briefly open-sourced on...

BleepingComputer →

BleepingComputer General GitHub Jun 10

GitHub announces npm security changes to tackle supply-chain attacks

GitHub has announced that npm v12, expected next month, will introduce several security-focused changes aimed at blocking supply-chain attacks abusing behavi...

BleepingComputer →

Help Net Security General GitHub Jun 10

Building reusable workflows with custom agents in Copilot CLI

Developers spend much of their working time in the terminal, generating commands, debugging issues, and running scripts close to their systems. Repeated term...

Help Net Security →

GBHackers Advisory GitHub F5 Jun 10

Malicious npm Package ‘dbmux’ Targets Developers

Malware was discovered in the npm package dbmux. Any computer with this package installed or running should be considered fully compromised.

GBHackers →

GBHackers Campaigns GitHub Jun 9

North Korea Hackers Weaponize GitHub to Target Developers

A sustained phishing campaign that leverages developer recruitment and code-review lures to deliver cross‑platform malware via attacker-controlled GitHub rep...

T1566

GBHackers →

The Hacker News General GitHub Jun 4

Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

A security researcher found a flaw in Anthropic's Claude Code GitHub Action that let an attacker take over vulnerable public repositories running it, with no...

T1598

The Hacker News →

GBHackers Supply Chain GitHub Jun 3

38% of GitHub Actions Workflows Exposed to Script Injection Risks

Analysis has revealed that 38% of organizations are running GitHub Actions workflows vulnerable to script injection or unsafe trigger configurations, highlig...

T1195

GBHackers →

BleepingComputer Zero-Day GitHub Jun 3

VS Code zero-day lets hackers steal GitHub tokens in one click

A security researcher has released exploit code for a Visual Studio Code (VS Code) zero-day vulnerability that allows attackers to steal GitHub authenticatio...

BleepingComputer →

GBHackers Vulnerability Disclosure GitHub Jun 3

1-Click GitHub Vulnerability Enables OAuth Token Theft

A newly disclosed vulnerability in GitHub’s browser-based editor, GitHub.dev, allows attackers to steal powerful OAuth tokens with just a single click, givin...

GBHackers →

Help Net Security Data Breach GitHub Jun 2

64,000 accounts exposed in breach of GTA V cheat service Atlas Menu

Atlas Menu, a cheat service for Grand Theft Auto V and Counter-Strike 2, has been added to the Have I Been Pwned database following a data breach that expose...

Help Net Security →

GBHackers CVE GitHub Linux Jun 1

Critical Plesk Vulnerability Lets Users Execute Server Commands

A newly disclosed critical vulnerability in Plesk is raising serious security concerns after researchers confirmed that low-privileged users can execute arbi...

1 IOC

GBHackers →

«Previous page 1 2 3 4 5 ... 7 Next page»
FreeIntelHub · Open-source CTI platform

All articles belong to their respective owners. FreeIntelHub aggregates publicly available RSS feeds for informational purposes only. DMCA