CyberSecurityBoard
Sponsor Register Login

AI-Assisted Fake GitHub Repositories Steal Sensitive Data Including Login Credentials

This operation exploits GitHub’s trusted reputation to bypass security defenses, targeting users seeking gaming mods, cracked software, and cryptocurrency tools through AI-generated documentation and strategically obfuscated scripts. This adaptability has made Lumma Stealer a preferred tool in cybercriminal forums, where stolen data fetches prices ranging from $500 for browser credentials to $5,000 for comprehensive digital identity packages. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. Kaaviya is a Security Editor and fellow reporter with Cyber Security News. This technique enables unauthorized access to browser data and extensions, particularly targeting cryptocurrency wallets like MetaMask and 2FA tools such as Authy. The repositories contain only a README file in their main branch, with malicious ZIP archives (e.g., Release.zip) hidden in the Releases section to evade automated code scanning. She is covering various cyber security incidents happening in the Cyber Space. The shift from simple file hosting to full repository clones signals a new era of supply chain attacks that demand equally innovative defense strategies.

This Cyber News was published on cybersecuritynews.com. Publication date: Wed, 12 Mar 2025 07:45:20 +0000


Cyber News related to AI-Assisted Fake GitHub Repositories Steal Sensitive Data Including Login Credentials

How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
5 months ago Aws.amazon.com
Securing the code: navigating code and GitHub secrets scanning - Enter the world of GitHub secrets scanning tools, the vigilant sentinels of your digital gala. Secrets scanning in GitHub is anchored by two fundamental strategies: proactive prevention and reactive detection, each serving a critical function in ...
1 year ago Securityboulevard.com
GitHub code-signing certificates stolen - Another day, another access-token-based database breach. This time, the victim is Microsoft's GitHub business. On December 6, 2022, repositories from our atom, desktop, and other deprecated GitHub-owned organizations were cloned by a compromised ...
2 years ago Nakedsecurity.sophos.com
GitHub says hackers cloned code-signing certificates in breached repository - GitHub said unknown intruders gained unauthorized access to some of its code repositories and stole code-signing certificates for two of its desktop applications: Desktop and Atom. Code-signing certificates place a cryptographic stamp on code to ...
2 years ago Packetstormsecurity.com
APT Hackers Abusing GitHub - Hackers use GitHub to access and manipulate source code repositories. GitHub hosts open-source projects, and unauthorized access allows hackers to inject malicious code, steal sensitive information, and exploit vulnerabilities in software development ...
1 year ago Cybersecuritynews.com
GitHub Security Breach: Hackers Stole Code-Signing Certificates for GitHub Desktop and Atom - GitHub revealed on Monday that unknown hackers managed to steal encrypted code signing certificates related to some versions of GitHub Desktop for Mac and Atom apps. As a precaution, the company is revoking the exposed certificates. Versions 1.63.0 ...
2 years ago Thehackernews.com
Penetration Testing for Sensitive Data Exposure in Enterprise Networks: Everything You Need to Know! - The amount of data enterprises store is much bigger than SMBs. A lot of this data includes sensitive information of customers and clients such as bank details, social security numbers, emails, contact numbers, etc. For those new to data security, ...
1 year ago Securityboulevard.com
GitHub, PyTorch and More Organizations Found Vulnerable to Self-Hosted Runner Attacks - Last July, we published an article exploring the dangers of vulnerable self-hosted runners and how they can lead to severe software supply chain attacks. GitHub itself was found vulnerable, as well as various notable organizations, such as PyTorch, ...
1 year ago Securityboulevard.com
Hackers Stole GitHub Desktop and Atom Code-Signing Certificates - Monday, GitHub announced that unidentified threat actors were able to exfiltrate encrypted code signing certificates for certain versions of the GitHub Desktop for Mac and Atom applications. The company is taking the precautionary action of canceling ...
2 years ago Heimdalsecurity.com
CVE-2017-1000106 - Blue Ocean allows the creation of GitHub organization folders that are set up to scan a GitHub organization for repositories and branches containing a Jenkinsfile, and create corresponding pipelines in Jenkins. Its SCM content REST API supports the ...
5 years ago
Meta AI Models Cracked Open With Exposed API Tokens - Researchers recently were able to get full read and write access to Meta's Bloom, Meta-Llama, and Pythia large language model repositories in a troubling demonstration of the supply chain risks to organizations using these repositories to integrate ...
1 year ago Darkreading.com
Credentials are Still King: Leaked Credentials, Data Breaches and Dark Web Markets - Infostealers infect computers, steal all of the credentials saved in the browser along with active session cookies and other data, then export it back to command and control infrastructure before, in some cases, self-terminating. This article will ...
1 year ago Bleepingcomputer.com
Kubernetes Security: Sensitive Secrets Exposed - Cybersecurity researchers are warning of Kubernetes security issues amid the exposure of configuration secrets. Researchers believe that such attacks could be orchestrated using Kubernetes secrets exposed in public repositories as they allow access ...
1 year ago Securityboulevard.com
Fake browser updates spread updated WarmCookie malware - The latest campaign was discovered by researchers at Gen Threat Labs, who observed the WarmCookie backdoor being distributed as fake Google Chrome, Mozilla Firefox, Microsoft Edge, and Java updates. FakeUpdate is a cyberattack strategy used by a ...
5 months ago Bleepingcomputer.com
Fake LastPass password manager spotted on Apple's App Store - LastPass is warning that a fake copy of its app is being distributed on the Apple App Store, likely used as a phishing app to steal users' credentials. The fake app uses a similar name to the genuine app, a similar icon, and a red-themed interface ...
1 year ago Bleepingcomputer.com
ML Model Repositories: The Next Big Supply Chain Attack Target - The techniques are similar to ones that attackers have successfully used for years to upload malware to open source code repositories, and highlight the need for organizations to implement controls for thoroughly inspecting ML models before use. ...
11 months ago Darkreading.com
GitHub Reports Code-Signing Certificate Theft in Security Breach - Although attackers exfiltrated a set of encrypted code-signing certificates, these were password-protected, so there is no possibility of malicious use. GitHub revealed that on December 7th, 2022, hackers had gained unauthorized access to several of ...
2 years ago Hackread.com
Building a Sustainable Data Ecosystem - Finally, I outline future research and policy refinement directions, advocating for a collaborative and responsible approach to building a sustainable data ecosystem in generative AI. In recent years, generative AI has emerged as a transformative ...
11 months ago Feeds.dzone.com
Over 12 million auth secrets and keys leaked on GitHub in 2023 - GitHub users accidentally exposed 12.8 million authentication and sensitive secrets in over 3 million public repositories during 2023, with the vast majority remaining valid after five days. The exposed secrets include account passwords, API keys, ...
11 months ago Bleepingcomputer.com
CVE-2021-32638 - Github's CodeQL action is provided to run CodeQL-based code scanning on non-GitHub CI/CD systems and requires a GitHub access token to connect to a GitHub repository. The runner and its documentation previously suggested passing the GitHub token ...
2 years ago
GitVenom Campaign Abusing Thousands of GitHub Repositories To Infect Users - A sophisticated malware campaign dubbed “GitVenom” has exploited GitHub’s open-source ecosystem to distribute malicious code through thousands of fraudulent repositories, targeting developers seeking automation tools, cryptocurrency ...
2 weeks ago Cybersecuritynews.com
How Kasada Counters Toll Fraud and Fake Account Creation for Enterprises - Toll fraud and fake account creation are two advanced threats that bad actors employ for massive profit. Fake Account Creation is committed by a wide range of attackers, through automating the generation of new user accounts en masse, which then get ...
1 year ago Securityboulevard.com
GitHub Revokes Compromised Code Signing Certificates After Repo Hack - GitHub has recently revealed that unknown attackers have stolen encrypted code-signing certificates for its Desktop and Atom applications after gaining access to some of its development and release planning repositories. The company has found no ...
2 years ago Bleepingcomputer.com
CVE-2023-30853 - Gradle Build Action allows users to execute a Gradle Build in their GitHub Actions workflow. A vulnerability impacts GitHub workflows using the Gradle Build Action prior to version 2.4.2 that have executed the Gradle Build Tool with the configuration ...
1 year ago
Scammers Fake DocuSign Templates to Blackmail & Steal From Companies - Phishing emails mimicking DocuSign are rising, thanks to a thriving underground marketplace for fake templates and login credentials. Over the past month, researchers from Abnormal Security claim to have tracked a significant increase in phishing ...
9 months ago Darkreading.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)