资讯

ZDNet5 年

GitHub warns Java developers of new malware poisoning NetBeans projects

GitHub has issued a security alert on Thursday warning about a new malware strain that's been spreading on its site via boobytrapped Java projects. The malware, which GitHub's security team has named ...

Software packages with more than 2 billion weekly downloads hit in supply-chain attack

Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely to ...
来自MSN6月

Kaspersky warns of malware-ridden GitHub projects: how hackers are stealing credentials

Cybercriminals are exploiting GitHub to spread credential-stealing malware through fake repositories, cybersecurity firm Kaspersky has warned. The campaign, dubbed “GitVenom,” involves attackers ...
CSOonline2 年

Software projects face supply chain security risk due to insecure artifact downloads via ...

Cybersecurity researchers found risks in the GitHub Actions platform that could enable attackers to inject malicious code into software projects and initiate a supply chain attack. The way build ...
TWCN Tech News3月

How to Push a Project to GitHub

In this post, we will show you how to push a project to GitHub. Whether you’re a beginner learning Git or an experienced developer, pushing your code to GitHub is a key step in sharing and managing ...
Bleeping Computer8月

Over 3.1 million fake "stars" on GitHub projects used to boost rankings

GitHub has a problem with inauthentic "stars" used to artificially inflate the popularity of scam and malware distribution repositories, helping them reach more unsuspecting users. Stars are similar ...