trendingnewsinsight009
Anonymous
1 post
Don't wanna be here? Send us removal request.
Statistics
We looked inside some of the posts by trendingnewsinsight009 and here's what we found interesting.
Average Info
Notes Per Post
3
Likes Per Post
3
Reblog Per Post
0
Reply Per Post
0
Number of Posts By Type
Text
1
Last Seen Tumblr Blogs
moviesinfocus
Movies In Focus
3K posts
richmond-kitchen-renovation
Untitled
1 post
cprdefibschubbyman
441 posts
angelsimscreations
Angel sims creations
7 posts
moviesbabe
Movies, Babe!
101 posts
Fun Fact
Tumblr Inc. is funded by 13 investors.
trendingnewsinsight009 · 1 year ago
Text
GitHub Repositories Hit by Password-Stealing Commits Disguised as Dependabot Contributions
Tumblr media
A new deceptive campaign has been observed hijacking GitHub accounts and committing malicious code disguised as Dependabot contributions with an aim to steal passwords from developers.
"The malicious code exfiltrates the GitHub project's defined secrets to a malicious C2 server and modify any existing javascript files in the attacked project with a web-form password-stealer malware code effecting any end-user submitting its password in a web form," Checkmarx said in a technical report
The malware is also designed to capture GitHub secrets and variables to a remote server by means of a GitHub Action.
The software supply chain security firm said it observed the atypical commits to hundreds of public and private GitHub repositories between July 8 and 11, 2023.
It has emerged that the victims had their GitHub personal access tokens stolen and used by the threat actors to make falsified code commits to users' repositories by posing as Dependabot.
Dependabot is designed to alert users of security vulnerabilities in a project's dependencies by automatically generating pull requests to keep them up-to-date.
Tumblr media
"The attackers accessed the accounts using compromised PATs (Personal Access Token) -- most likely exfiltrated silently from the victim's development environment," the company said. Most compromised users are located in Indonesia.
However, the exact method by which this theft may have taken place is currently unclear, although it's suspected that it may have involved a rogue package inadvertently installed by the developers.
This is evidenced by a new data exfiltration campaign targeting both npm and PyPI that uses as many as 39 counterfeit packages to gather sensitive machine information and transmit the details to a remote server.
The development highlights the continued attempts on part of threat actors to poison open-source ecosystems and facilitate supply chain compromises.
#aesthetic#knowledge#hacker#life hacks
3 notes · View notes