{ads}

GitHub Repositories Hit by Password-Stealing Commits Disguised as Dependabot Contributions

Written By Thursday 28 September 2023 Add Comment



September 28, 2023 at 10:52PM

A new malicious campaign has been observed hijacking GitHub accounts and committing malicious code disguised as Dependabot contributions with an aim to steal passwords from developers. "The malicious code exfiltrates the GitHub project's defined secrets to a malicious C2 server and modify any existing javascript files in the attacked project with a web-form password-stealer malware code

from The Hacker News https://ift.tt/8xTOlp1

0 Response to "GitHub Repositories Hit by Password-Stealing Commits Disguised as Dependabot Contributions"

Post a Comment

Subscribe to: Post Comments (Atom)

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads