trendingnewsinsight009
Anonymous
1 post
Don't wanna be here? Send us removal request.
Statistics
We looked inside some of the posts by trendingnewsinsight009 and here's what we found interesting.
Average Info
Notes Per Post
3
Likes Per Post
3
Reblog Per Post
0
Reply Per Post
0
Number of Posts By Type
Text
1
Last Seen Tumblr Blogs
annahrhr
Loyalty
40 posts
concreteanddeadbeats
concrete and deadbeats
907 posts
my-gay-themed
My gay themed Tumblr
18K posts
gelmemeyegidenk1zz
Gündüzü olmayan upuzun bir geceyim şimdi..
66 posts
nerdnebulaartistry-blog
Geek Chic
96 posts
Fun Fact
69% of Tumblr users are millennials.
trendingnewsinsight009 · 1 year ago
Text
GitHub Repositories Hit by Password-Stealing Commits Disguised as Dependabot Contributions
Tumblr media
A new deceptive campaign has been observed hijacking GitHub accounts and committing malicious code disguised as Dependabot contributions with an aim to steal passwords from developers.
"The malicious code exfiltrates the GitHub project's defined secrets to a malicious C2 server and modify any existing javascript files in the attacked project with a web-form password-stealer malware code effecting any end-user submitting its password in a web form," Checkmarx said in a technical report
The malware is also designed to capture GitHub secrets and variables to a remote server by means of a GitHub Action.
The software supply chain security firm said it observed the atypical commits to hundreds of public and private GitHub repositories between July 8 and 11, 2023.
It has emerged that the victims had their GitHub personal access tokens stolen and used by the threat actors to make falsified code commits to users' repositories by posing as Dependabot.
Dependabot is designed to alert users of security vulnerabilities in a project's dependencies by automatically generating pull requests to keep them up-to-date.
Tumblr media
"The attackers accessed the accounts using compromised PATs (Personal Access Token) -- most likely exfiltrated silently from the victim's development environment," the company said. Most compromised users are located in Indonesia.
However, the exact method by which this theft may have taken place is currently unclear, although it's suspected that it may have involved a rogue package inadvertently installed by the developers.
This is evidenced by a new data exfiltration campaign targeting both npm and PyPI that uses as many as 39 counterfeit packages to gather sensitive machine information and transmit the details to a remote server.
The development highlights the continued attempts on part of threat actors to poison open-source ecosystems and facilitate supply chain compromises.
#aesthetic#knowledge#hacker#life hacks
3 notes · View notes