< ciso
brief />
Tag Banner

All news with #github tag

136 articles

Dormant GitHub Accounts Exploited to Scrape Orgs

🔎 Datadog Security Labs warns of coordinated campaigns using dormant or compromised GitHub accounts and exposed personal access tokens to enumerate organizations via the GitHub API. Operators use automated scraping tools, aged "ghost" accounts, and legitimate-sounding user agents to blend into normal API traffic, primarily collecting public data but occasionally cloning private repositories. The activity leverages unauthenticated API surfaces and GraphQL queries to map repos, memberships, followers, and other artifacts for reconnaissance.
read more →

npm 12 defaults disable risky install scripts

🔒 GitHub released npm v12 which disables install scripts by default and deprecates 2FA-bypass granular access tokens. The update makes lifecycle scripts, Git dependencies, and remote URL deps opt-in, requiring an explicit approval workflow and an allowlist committed to package.json. It also restricts GAT capabilities for account and publishing actions, with staged publishing and OIDC recommended for automation.
read more →

GitHub API abuse fuels enterprise reconnaissance

🔎 Datadog Security Research has tracked sustained abuse of GitHub’s public APIs where automated scanners, leaked credentials, and ghost accounts map organizations and members. Attackers harvest source code, secrets, and pipeline data by blending requests into normal traffic and leveraging the /graphql endpoint and REST org-mapping calls. Detection requires auditing user agents, token types, and unusual actor behavior, while enterprises should enable audit log streaming, MFA, access reviews, and credential scanning.
read more →

GitHub verified commits vulnerable to hash malleability

🔒 New research shows that a signed Git commit's hash can be changed without altering files, author, or date, and GitHub still marks the resulting commit as Verified. An attacker can re-push identical content under a fresh, validly signed hash, defeating blocklists, deduplication, and provenance systems that trust commit hashes as unique names. The issue stems from signature malleability across ECDSA, RSA/EdDSA, and S/MIME schemes and the forge-side practice of not normalizing signatures before recording verification.
read more →

GitLost: Public Issue Can Exfiltrate Private GitHub Data

🔒 Researchers at Noma Security demonstrated that a crafted public GitHub issue can manipulate GitHub Agentic Workflows into exposing private repository contents. The attack, named GitLost, exploits indirect prompt injection to trick an agent with organization-wide read access into pulling private data and posting it publicly. GitHub's preview feature for agentic workflows includes guardrails, but Noma showed a minor wording change can bypass them. The core problem is architectural: agents with standing credentials that read untrusted input and can post outward create persistent leakage risk.
read more →

GitHub updates actions/checkout to block pwn requests

🔒 GitHub is updating the official actions/checkout action to refuse common pwn request patterns by default, effective June 18, 2026, with backports planned for July 16, 2026. The change prevents checking out forked pull request head or merge commits in pull_request_target and certain workflow_run events unless authors explicitly set allow-unsafe-pr-checkout to true. This aims to reduce attacks that exploit privileged workflows to steal secrets or the GITHUB_TOKEN.
read more →

GitHub hardens Actions checkout to block pwn requests

🔒 GitHub has updated actions/checkout to v7 to automatically block and fail workflows that attempt to fetch unreviewed fork pull request code when run under pull_request_target or workflow_run events. The change enforces a secure-by-default behavior, with an explicit opt-out allow-unsafe-pr-checkout available for developers who need it. Backports to supported major versions are planned beginning July 16; pinned SHAs and specific versions must be updated manually.
read more →

Serverless GitHub Pages Phishing Hits Mexican Banks

🛡️ New research from Group-IB describes the GitBait campaign, a multi-year phishing operation targeting Mexican banks that used GitHub Pages for hosting and SheetBest to exfiltrate credentials into Google Sheets. The operation relied on modular phishing kits, automated publishing, and crafted Open Graph tags to spread links via messaging apps while evading search indexing. Group-IB reported over 100 GitHub-hosted domains and urges banks to monitor brand abuse and suspicious traffic to cloud services.
read more →

Malicious JetBrains plugins harvest AI API keys

🛡️ A coordinated campaign on the JetBrains Marketplace used at least 15 malicious IDE plugins to exfiltrate developers' AI provider API keys. Discovered by Aikido Security, the plugins—posing as AI assistants, code-review tools, and Git utilities—sent keys to a hardcoded server when users clicked "Apply" after entering credentials. Published from October 2025 through June 2026, these plugins were installed nearly 70,000 times and remain available on the Marketplace at the time of reporting.
read more →

GitHub’s npm v12 Changes Aim to Harden Supply Chain

🛡️ GitHub announced npm v12 will flip three permissive defaults to opt-in behavior to reduce software supply chain risk. Starting July 2026, npm will block install scripts, Git dependencies, and remote URL-sourced packages by default. Developers can upgrade to npm 11.16.0+ to receive warnings and use npm approve-scripts to build local allowlists in package.json. Experts praise stronger defaults but warn attackers may shift to private registries and maintainers may approve scripts to avoid build friction.
read more →

GitHub to disable npm install scripts by default

🔒 GitHub announced breaking changes shipping in npm v12 that disable install-time lifecycle scripts by default to reduce software supply chain risk. The update stops preinstall, install, and postinstall scripts, blocks resolving Git and remote URL dependencies unless explicitly allowed, and changes default allow settings such as --allow-git to "none". Developers are advised to upgrade to npm 11.16.0+, review warnings, and use npm approve-scripts to opt in for trusted packages.
read more →

GitHub to disable automatic npm install scripts by default

🔒 GitHub will change npm v12 defaults in July to block automatic execution of dependency install scripts unless a project explicitly allows them. The change prevents preinstall, install and postinstall scripts — including implicit node-gyp rebuilds — from running by default, narrowing a common supply chain attack vector. Experts generally praised the move as overdue but warned it only reduces, not eliminates, supply chain risk and will push attackers to other methods.
read more →

Miasma worm source code briefly leaked on GitHub

🛡️ The Miasma credential-stealing worm, an evolution of the Shai-Hulud toolkit, was briefly published on GitHub after threat actors uploaded it to multiple compromised accounts. The framework steals developer build and cloud credentials, compromises package registries and repositories, and propagates autonomously without C2 by abusing GitHub. Researchers note destructive 'dead-man switch' behavior and a build pipeline that randomizes payloads to evade detection, increasing supply-chain risk.
read more →

GitHub tightens npm defaults to reduce supply-chain risk

🔒 GitHub will change npm behavior in the upcoming v12 release to block several automatic actions during npm install that have enabled supply-chain attacks. Preinstall, install, and postinstall scripts from dependencies, native builds via node-gyp, and prepare scripts from Git, local file, and linked dependencies will require explicit approval before running. Git and remote URL dependencies will also be disabled by default unless permitted, and developers are advised to test with npm 11.16.0 to surface breaking warnings before upgrading.
read more →

Weekly cyber recap: supply chain worm and hacks

⚠️ Last week saw a range of high-impact incidents, from the Miasma worm compromising 73 Microsoft GitHub repositories to targeted mailbox espionage and an Instagram account compromise via an AI support tool. Vendors patched active Android flaws, researchers flagged malicious npm packages and a compromised Hola Browser installer, and U.S. agencies disrupted transnational investment fraud. Multiple threat clusters, including China-linked espionage groups and financially motivated actors, broadened their geographic scope and tactics, while many critical CVEs remain urgent for defenders to patch.
read more →

VS Code introduces two‑hour extension update delay

🔒 Microsoft will delay automatic extension updates in Visual Studio Code by two hours to reduce exposure to potentially compromised releases. The feature, available in VS Code 1.123, allows immediate manual updates via the "Update" button and shows reasons and scheduled times for pending updates. Trusted publishers such as Microsoft, GitHub, and OpenAI are exempt and continue to update immediately. The change follows similar cooldown controls added across package managers to curb software supply chain threats.
read more →

Miasma worm compromises 73 Microsoft GitHub repos

🛡️ Microsoft's GitHub organizations — including Azure, Azure-Samples, Microsoft, and MicrosoftDocs — were hit by the self-replicating Miasma supply chain campaign that affected 73 repositories, prompting GitHub to disable access. The incident notably re-compromised the durabletask package previously infected by TeamPCP, suggesting lingering credential exposure. Miasma, a variant of the Mini Shai-Hulud worm, has mutated rapidly and pushed malicious payloads both to registries and directly to GitHub source repos, leveraging AI coding tools and developer workflows to execute payloads. Security firms warn the campaign exploits trust in maintainers and signing rather than platform vulnerabilities, allowing widespread propagation across the open-source ecosystem.
read more →

GitHub browser VSCode flaw risks stolen developer tokens

🛡️ A researcher disclosed a vulnerability in GitHub’s browser-based VSCode (github.dev) that could allow an attacker to obtain a developer’s OAuth token and access any repos the developer can reach. The issue involves github.com POSTing a broad-scoped token to github.dev and a bypass in Jupyter notebook-based extension installation that can exfiltrate the token. Microsoft implemented a short-term mitigation requiring notebook confirmation and restoring the trusted-publisher check.
read more →

One-click GitHub.dev attack exposes OAuth tokens

🔒 Security researchers disclosed a one-click attack targeting GitHub.dev in the browser-hosted VS Code environment that can steal a user's GitHub OAuth token. The exploit abuses message passing between the main VS Code window and untrusted webviews to simulate keypresses, open the Command Palette, and install malicious extensions. By leveraging local workspace extensions and configurable keybindings, attackers can bypass trust prompts and extract tokens with access to private repositories. Microsoft has acknowledged the issue and is working on a fix; the vulnerability does not affect VS Code Desktop.
read more →

VS Code zero-day lets attackers steal GitHub tokens

🛡️ A security researcher published exploit code for a Visual Studio Code zero-day that enables attackers to steal GitHub OAuth tokens by tricking users into clicking a link. The flaw abuses VS Code's sandboxed webview message-passing to run JavaScript that simulates keypresses, installs a malicious extension, and exfiltrates tokens sent to github.dev. The vulnerability is unpatched and unassigned a CVE; users can mitigate risk by clearing cookies and site data for github.dev to force reauthentication prompts.
read more →