< ciso brief />

All news with #github tag

112 articles · page 2 of 6

Critical GitHub RCE Vulnerability Exposed Millions of Repos

🔓 GitHub patched a critical remote code execution flaw (CVE-2026-3854) that allowed authenticated users to inject commands via crafted git push operations. Discovered by Wiz, the issue abused an internal X-STAT component in GitHub’s server-side processing and earned one of the highest bug-bounty payouts. Cloud services were patched quickly and fixes for GitHub Enterprise Server versions 3.14.25 through 3.20.0 were released, but Wiz reported that 88% of Enterprise Server instances remained exposed at disclosure. Enterprise customers are urged to apply vendor patches immediately.

Critical GitHub RCE CVE-2026-3854 Can Be Triggered by Push

🔒 GitHub patched a critical command-injection vulnerability, CVE-2026-3854, that allowed an authenticated user with push access to achieve remote code execution via a single git push. Researchers at Wiz disclosed the issue on March 4, 2026, and GitHub deployed a fix to GitHub.com within two hours while releasing updates for GitHub Enterprise Server. The flaw resulted from insufficient sanitization of git push options incorporated into the internal X-Stat header, enabling injection of metadata fields to override execution controls. Administrators should apply the provided GHES updates immediately.

Checkmarx Confirms LAPSUS$ Leak of Stolen GitHub Data

🔒 Checkmarx confirmed that the LAPSUS$ group published data taken from its private GitHub repository after a March 23 supply-chain compromise tied to the Trivy incident. Investigators say credentials harvested from that earlier intrusion enabled repository access and the insertion of malicious code. On April 22 attackers published malicious Docker images and VSCode/Open VSX extensions for Checkmarx’s KICS scanner that collected credentials, keys, tokens, and config files. Checkmarx states the 96GB leak originated from its GitHub, contains no customer data, and is under forensic review while the repository remains locked.

Trojanized Bitwarden CLI in Supply Chain Attack Uncovered

🛡️ A malicious npm release of the Bitwarden CLI (version 2026.4.0) was briefly published after attackers compromised a GitHub Action in the project's CI/CD pipeline. The trojanized package included a loader that installs bun and executes a payload designed to harvest cloud, development, and CI credentials. Bitwarden reported no evidence of user vault access and the package was removed within roughly 1.5 hours, with compromised access revoked and remediation initiated.

Bitwarden CLI npm Package Compromised to Steal Keys

🔒 The Bitwarden CLI @bitwarden/cli npm package was briefly compromised when attackers published a malicious v2026.4.0 release on April 22, 2026. The injected payload harvested developer secrets — including npm and GitHub tokens, SSH keys, and cloud credentials — and contained self‑propagation capability to infect other packages. Bitwarden confirmed only the npm distribution channel was affected, found no evidence of vault or production data access, revoked compromised access, deprecated the release, and initiated remediation; affected developers should rotate exposed credentials.

Supply Chain Breach Compromises Checkmarx KICS Artifacts

🔐 Checkmarx's KICS Docker images and VS Code/Open VSX extensions were trojanized to harvest developer secrets. Dependency security firm Socket investigated after Docker alerted them to malicious images pushed to the official checkmarx/kics repository and found an embedded MCP addon that downloaded a credential-stealing module (mcpAddon.js). The malware targeted GitHub tokens, cloud credentials, npm tokens, SSH keys, Claude configs and environment variables, encrypting and exfiltrating them to audit.checkmarx.cx while creating public GitHub repositories to receive stolen data. Checkmarx removed the artifacts, rotated exposed credentials and advised developers to rotate secrets, pin image SHAs and rebuild from trusted sources.

Bitwarden CLI Compromised via Checkmarx Supply-Chain Attack

🔒 JFrog and Socket report that the Bitwarden CLI package @bitwarden/cli@2026.4.0 was briefly published with malicious code in a file named bw1.js, following a compromised GitHub Action in Bitwarden’s CI/CD pipeline. The rogue release was designed to harvest GitHub/npm tokens, .ssh keys, .env files, shell history and other secrets, then exfiltrate them to private domains and via GitHub commits. Bitwarden confirmed the incident, stated there is no evidence that end-user vault data or production systems were accessed, and said the malicious npm release was deprecated, compromised access revoked, remediation steps initiated, and a CVE is being issued.

The Threat Hunter’s Gambit: Skills, Signals, and Risks

🔍 William Largent frames threat hunting as a discipline akin to strategy games, where pattern recognition, prediction, and spotting feints reveal an adversary's intent. Cisco Talos warns of a growing Platform-as-a-Proxy (PaaP) tactic in which attackers weaponize legitimate SaaS notification pipelines such as GitHub and Jira to deliver authenticated phishing that circumvents SPF, DKIM, and DMARC. Because users habitually trust system-generated alerts, defenders should adopt zero‑trust controls, ingest SaaS API logs into SIEMs, and require out‑of‑band verification for high-risk actions.

Using AI Agents to Detect Documentation Breakage in OSS

🤖 Drasi's team turned documentation testing into a monitoring problem by running AI-driven synthetic users that follow tutorials verbatim inside Dev Containers using the GitHub Copilot CLI. The agent is naïve, literal, and unforgiving: it executes commands exactly, verifies outputs, and captures screenshots, terminal logs, and a final markdown report. Weekly automated runs detect silent drift and environment regressions; failures automatically file issues with reproducible artifacts.

Microsoft Suspends Dev Accounts for Open-Source Projects

⚠️ Microsoft has suspended developer accounts used to maintain multiple high-profile open-source projects, blocking them from publishing Windows builds and security patches without prior notice or a quick reinstatement path. Affected projects include WireGuard, VeraCrypt, MemTest86, and Windscribe. Maintainers report no emails, warnings, or clear appeals process and say they can still publish Linux and macOS updates but not Windows releases. Microsoft said accounts were automatically suspended for failing mandatory verification for the Windows Hardware Program and that outreach and press attention have prompted follow-up from company representatives.

Weaponizing SaaS Notification Pipelines for Phishing

🔔 Cisco Talos observed a rise in campaigns that weaponize SaaS notification pipelines in collaboration platforms to deliver phishing and credential‑harvesting lures. Attackers embed malicious content in GitHub commit messages and in user‑configurable Jira project fields so automated notifications, signed by the platforms, bypass SPF, DKIM, and DMARC checks. Talos describes this as a Platform‑as‑a‑Proxy (PaaP) abuse and recommends moving to Zero‑Trust, instance‑level verification, and API telemetry to detect and block these attacks.

DPRK-Linked LNK Campaigns Leveraging GitHub for C2

🔒 FortiGuard Labs identified a multi-stage campaign using malicious LNK shortcut files that target Microsoft Windows users in South Korea. The attacker embeds decoding routines inside LNK arguments to drop a decoy PDF while executing hidden PowerShell payloads. Those scripts perform anti-analysis checks, establish persistence via Scheduled Tasks and VBScript, and use GitHub API calls as a covert C2 and exfiltration channel. Fortinet signatures detect these components and block the activity.

GitHub Used as Covert Channel in Multi-Stage Malware

🔒 A multi-stage malware campaign leveraging GitHub as a covert C2 channel has been observed targeting users in South Korea, according to an advisory from Fortinet. Attackers distribute malicious .LNK shortcut files that drop decoy PDFs while executing obfuscated PowerShell and VBScript payloads silently in the background. Recent variants embed decoding routines directly within LNK arguments, remove identifying metadata, and exfiltrate system information and logs to GitHub repositories using hardcoded tokens. The campaign exemplifies modern living-off-the-land tactics that abuse legitimate Windows utilities and developer infrastructure to evade detection.

Fake VS Code Security Alerts on GitHub Spread Malware

🚨 A large-scale campaign is abusing GitHub Discussions to post fake Visual Studio Code security advisories that trick developers into downloading malware. The spam posts use realistic titles, fabricated CVE identifiers, impersonated maintainers, and mass tagging to trigger email notifications to watchers. Links often point to external hosts (commonly Google Drive) that redirect to a domain running JavaScript reconnaissance which profiles victims and forwards data to a command-and-control server. Security vendor Socket says the activity is automated and coordinated across thousands of repositories.

Open VSX Flaw Allowed Malicious VS Code Extensions Live

🛡️ Researchers disclosed a patched bug in Open VSX's pre-publish scanning pipeline that allowed a malicious VS Code extension to pass vetting and go live. The defect, named Open Sesame, arose because a Java service returned a single boolean that conflated 'no scanners configured' with 'scanner failures,' causing failed scans to be treated as harmless. The vulnerability was fixed in Open VSX 0.32.0 after responsible disclosure.

ThreatsDay Bulletin: PQC Push, AI Bugs, Pirated Backdoors

🔔 This week’s ThreatsDay Bulletin captures a quieter, sneakier cadence: big-picture progress on cryptography and AI set against a steady churn of pragmatic abuse. Google accelerated a PQC migration to 2029 and GitHub is bringing AI-powered detections into the PR workflow, while threat actors keep innovating around trust — using pirated ISOs, fake extensions, firmware implants and clever phishing to scale backdoors, credential theft and fraud. The common thread is operational efficiency: takedowns and disruptions are temporary, but the workflows keep returning.

GitHub Phishing Uses Fake OpenClaw Tokens to Drain Wallets

🔒 Threat actors are exploiting interest in OpenClaw with a GitHub phishing campaign that lures developers with fake 'CLAW' token airdrops promising thousands of dollars. Attackers open issues, tag developers, and redirect victims to cloned sites that prompt users to connect their crypto wallets. Researchers at OX Security found obfuscated wallet‑stealing code and a C2 server used to collect addresses and drain funds. Recommended actions include blocking the phishing domain and revoking suspicious wallet approvals.

GitHub adds AI bug detection to broaden security coverage

🛡️ GitHub is integrating AI-based scanning into Code Security to extend vulnerability detection beyond CodeQL, targeting ecosystems like Shell/Bash, Dockerfiles, Terraform, PHP and more. The hybrid model preserves CodeQL for deep semantic analysis while using AI to increase coverage in areas hard for traditional static analysis. Findings and suggested fixes appear directly in pull requests, and a public preview is expected in early Q2 2026.

GlassWorm Campaign Uses Solana Dead-Drops for RAT Operations

🔍 Cybersecurity researchers report a new GlassWorm evolution that delivers a multi-stage data theft framework and a remote access trojan (RAT) which force-installs a malicious Google Chrome extension masquerading as Google Docs Offline. The campaign gains initial access via rogue packages on npm, PyPI, GitHub and Open VSX, and resolves C2 addresses using Solana memos and public Google Calendar dead drops. A .NET component performs hardware wallet phishing when Ledger or Trezor devices are connected, while a WebSocket RAT harvests browser data, executes arbitrary JavaScript, and supports HVNC and SOCKS modules. Developers are urged to verify publishers and use scanning tools such as AFINE's glassworm-hunter.

TeamPCP Expands Supply-Chain Attacks via PyPI LiteLLM

📦 The widely used Python package LiteLLM on PyPI was found to contain credential-stealing malware in versions 1.82.7 and 1.82.8, uploaded on 24 March 2026. Security researchers report the malicious code harvested SSH keys, cloud credentials, Kubernetes secrets, database credentials, TLS keys and cryptocurrency wallets, then encrypted and exfiltrated the data to attacker infrastructure and installed persistent backdoors. Endor Labs and JFrog analysis showed the later variant executed whenever any Python process started, enabling silent background operation; version 1.82.6 is the last known clean release and organizations are urged to rotate secrets and audit systems for compromise.