Skip to main content
FreeIntelHub
Feed Threat Feed Search Trending
Intelligence CVE Priority Vulnerability IOC Lookup IOC Feed YARA Rules Phishing Lookup Exploit Lookup Pastes Dark Web
Adversaries Threat Groups Software Campaigns
Explore Dashboard Geo Map Heatmap MITRE ATT&CK
Browse Sources Vendors Categories Sectors
RSS API
FreeIntelHub
/
Sign In

GitHub

20 articles

Cyberscoop Data Breach GitHub May 19

CISA credential leak raises alarms, and Capitol Hill demands answers

A researcher who found a repository that leaked on GitHub said it was one of the worst he’s witnessed. The post CISA credential leak raises alarms, and Capit...

Cyberscoop →

SC Media General GitHub F5 Drupal May 19

My Mother the Car, AI Slop, Nginx, Polyscope, Drupal, , GitHub, Aaran Leyland... - SWN #582

SC Media →

CSO Online Malware GitHub May 19

AntV data visualization tool the latest to be hit by ongoing npm supply chain attacks

The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, this time targeting the widely-used...

T1195

CSO Online →

CSO Online General GitHub May 19

GitHub scales back bug bounties, reminds users security is their responsibility too

Faced with the growing volume of submission to its bug bounty program, GitHub is replacing cash bounties with swag rewards for reports with low security impa...

CSO Online →

SC Media General GitHub May 19

GitHub Actions workflow compromised to steal CI/CD credentials

The attack involves an "imposter commit" strategy where all existing tags in the repository were altered to point to a malicious commit.

SC Media →

Infosecurity Magazine Data Breach GitHub May 19

Grafana Labs Confirms Hackers Stole Source Code

Open source tool maker Grafana says hackers stole codebase via GitHub breach

Infosecurity Magazine →

Security Affairs Data Breach GitHub May 19

Shai-Hulud worm copycats emerge after source code leak

Shai-Hulud worm copycats are already attacking NPM developers after its source code leaked, enabling fast supply chain exploitation. The first copycats of th...

Security Affairs →

GBHackers Supply Chain GitHub May 19

Compromised GitHub Action Steals Workflow Credentials

A widely used GitHub Action, actions-cool/issues-helper, has been compromised in a supply chain attack that exposes sensitive CI/CD secrets to an attacker-co...

T1195

GBHackers →

The Hacker News Supply Chain GitHub May 19

GitHub Actions Supply Chain Attack Redirects Tags to Steal CI/CD Credentials

In yet another software supply chain attack, threat actors have compromised the popular GitHub Actions workflow, actions-cool/issues-helper, to run malicious...

T1041 T1195

The Hacker News →

Security Affairs Data Breach GitHub May 18

Grafana confirms GitHub token breach cybercrime group claims the attack

Grafana confirmed a GitHub token breach that exposed source code, but said no customer data or systems were affected. Grafana Labs confirmed a security incid...

T1041

Security Affairs →

SC Media Data Breach GitHub May 18

Grafana Labs discloses GitHub environment breach, source code downloaded

The breach occurred after a threat actor obtained a compromised token.

SC Media →

BleepingComputer General GitHub May 18

Grafana says stolen GitHub token let hackers steal codebase

Grafana Labs disclosed that hackers have downloaded its source code after breaching its GitHub environment using a stolen access token. [.

BleepingComputer →

Help Net Security Data Breach GitHub May 18

Attackers accessed, downloaded code from Grafana Labs’ GitHub

A threat actor has managed to access Grafana Labs’ GitHub environment and download the company’s codebase, the open-source observability and data visualizati...

Help Net Security →

GBHackers Campaigns GitHub May 18

Grafana Labs Confirms Security Incident Involving GitHub Codebase Access

Grafana Labs has confirmed a security incident involving unauthorized access to its internal GitHub environment, after a threat actor obtained a compromised ...

T1195

GBHackers →

HackRead General GitHub May 17

Grafana Says It Rejected Ransom Demand After Source Code Theft

Grafana says hackers stole its source code after accessing a GitHub token, but no customer data or systems were affected.

HackRead →

The Hacker News Data Breach GitHub May 17

Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt

Grafana has disclosed that an "unauthorized party" obtained a token that granted them the ability to access the company's GitHub environment and download its...

The Hacker News →

GBHackers CVE GitHub May 15

PraisonAI Vulnerability Actively Exploited Within Hours of Being Made Public

A high-severity vulnerability in PraisonAI is drawing urgent attention after security researchers observed exploitation attempts within hours of public discl...

T1556 1 IOC

GBHackers →

CSO Online Vulnerability Disclosure GitHub May 14

PraisonAI vulnerability gets scanned within 4 hours of disclosure

A newly disclosed authentication bypass flaw in the open-source AI orchestration framework PraisonAI was probed by internet scanners less than four hours aft...

T1556

CSO Online →

GBHackers Vulnerability Disclosure GitHub May 14

Packagist Warns: Update Composer Now After GitHub Actions Token Leak

A sudden change in GitHub’s token format has triggered an unexpected security vulnerability in Composer, exposing sensitive authentication tokens in CI/CD lo...

GBHackers →

HackRead Campaigns GitHub May 12

Operation HumanitarianBait Uses Fake Aid Documents to Deploy Python Spyware

Operation HumanitarianBait uses fake aid documents, GitHub-hosted payloads, and Python spyware to target Russian-speaking victims.

HackRead →

«Previous page 1 ... 4 5 6 7 Next page»
FreeIntelHub · Open-source CTI platform

All articles belong to their respective owners. FreeIntelHub aggregates publicly available RSS feeds for informational purposes only. DMCA