All news with #github tag

GlassWorm Malware Found in Three VS Code Extensions

🔒 Researchers identified three malicious VS Code extensions tied to the GlassWorm campaign that together had thousands of installs. The packages — ai-driven-dev.ai-driven-dev, adhamu.history-in-sublime-merge, and yasuyuky.transient-emacs — were still available at reporting. Koi Security warns GlassWorm harvests Open VSX, GitHub, and Git credentials, abuses invisible Unicode for obfuscation, and uses blockchain-updated C2 endpoints. Defenders should audit extensions, rotate exposed tokens and credentials, and monitor repositories and wallet activity for signs of compromise.

Malicious Ransomvibe Extension Found in VSCode Marketplace

⚠️ A proof-of-concept ransomware strain dubbed Ransomvibe was published as a Visual Studio Code extension and remained available in the VSCode Marketplace after being reported. Secure Annex analysts found the package included blatant indicators of malicious functionality — hardcoded C2 URLs, encryption keys, compression and exfiltration routines — alongside included decryptors and source files. The extension used a private GitHub repository as a command-and-control channel, and researchers say its presence highlights failures in Microsoft’s marketplace review process.

Malicious VS Code Extension and Trojanized npm Packages

⚠️ Researchers flagged a malicious Visual Studio Code extension named susvsex that auto-zips, uploads and encrypts files on first launch and uses GitHub as a command-and-control channel. Uploaded on November 5, 2025 and removed from Microsoft's VS Code Marketplace the next day, the package embeds GitHub access tokens and writes execution results back to a repository. Separately, Datadog disclosed 17 trojanized npm packages that deploy the Vidar infostealer via postinstall scripts.

GitHub Universe 2025: Agents, AI, and Developer Tools

🚀 At GitHub Universe 2025, Microsoft and GitHub presented a vision for agentic development that lets developers see, steer, and build across autonomous agents. The event introduced platform capabilities like Agent HQ, a prompt-first AI Toolkit for VS Code, and the GA release of Azure MCP Server. Announcements focused on enterprise-grade security, standards-based integration, and faster, more intuitive agent creation and governance.

PhantomRaven: Malware in 126 npm Packages Steals Tokens

⚠️ Koi Security has identified a supply-chain campaign dubbed PhantomRaven that inserted malicious code into 126 npm packages, collectively installed more than 86,000 times, by pointing dependencies to an attacker-controlled host (packages.storeartifact[.]com). The packages include preinstall lifecycle hooks that fetch and execute remote dynamic dependencies, enabling immediate execution on developers' machines. The payloads are designed to harvest GitHub tokens, CI/CD secrets, developer emails and system fingerprints, and exfiltrate the results, while typical scanners and dependency analyzers miss the remote dependencies because npmjs.com does not follow those external URLs.

PhantomRaven campaign floods npm with credential theft

🐦 The PhantomRaven campaign distributes dozens of malicious npm packages that steal authentication tokens, CI/CD secrets, and GitHub credentials. Discovered by Koi Security, the activity began in August and involved 126 packages with over 86,000 downloads. The packages use a remote dynamic dependency mechanism to fetch and execute payloads during npm install, enabling stealthy credential exfiltration. Developers should verify package provenance and avoid unvetted LLM-generated package suggestions.

GitHub Agent HQ: Native AI Agents and Governance Launch

🤖 Agent HQ integrates AI agents directly into the GitHub workflow, making third-party coding assistants available through paid Copilot subscriptions. It introduces a cross-surface mission control to assign, steer, and track agents from GitHub, VS Code, mobile, and the CLI. VS Code additions include Plan Mode, AGENTS.md for custom agent rules, and an MCP Registry to discover partner servers. Enterprise features add governance, audit logging, branch CI controls, and a Copilot metrics dashboard.

GitHub Agent HQ: Native, Open Ecosystem & Controls

🚀 GitHub introduced Agent HQ, a native platform that centralizes AI agents within the GitHub workflow. The initiative will bring partner coding agents from OpenAI, Anthropic, Google, Cognition, and xAI into Copilot subscriptions and VS Code. A unified "mission control" offers a consistent command center across GitHub, VS Code, mobile, and the CLI. Enterprise-grade controls, code quality tooling, and a Copilot metrics dashboard provide governance and visibility for teams.

GitHub Agent HQ: Native, Governed AI Agents in Flow

🤖 GitHub announced Agent HQ, a unified platform that makes coding agents native to the GitHub workflow. Over the coming months, partner agents from OpenAI, Anthropic, Google, Cognition, and xAI will become available as part of paid Copilot subscriptions. The release introduces a cross‑surface mission control, VS Code planning and customizable AGENTS.md files, and an enterprise control plane with governance, metrics, and code‑quality tooling to manage agent-driven work.

RedTiger Infostealer Used to Steal Discord Accounts

🛡️ Attackers have compiled the open-source RedTiger red-team tool into a Windows infostealer that harvests Discord account tokens, payment details, browser credentials, crypto wallet files, and game data. The malware injects JavaScript into Discord's client to capture logins, purchases, and password changes, archives stolen data, and uploads it to GoFile. Users should revoke tokens, change passwords, reinstall Discord from the official site, clear browser data, and enable MFA.

Self-Propagating GlassWorm Targets VS Code Marketplaces

🪲 Researchers at Koi Security have uncovered GlassWorm, a sophisticated self-propagating malware campaign affecting extensions in the OpenVSX and Microsoft VS Code marketplaces. The worm hides executable payloads using Unicode variation selectors, harvests NPM, GitHub and Git credentials, drains 49 cryptocurrency wallets, and deploys SOCKS proxies and hidden VNC servers on developer machines. CISOs are urged to treat this as an immediate incident: inventory VS Code usage, monitor for anomalous outbound connections and long-lived SOCKS/VNC processes, rotate exposed credentials, and block untrusted extension registries.

Gemini Code Assist brings AI code reviews to GitHub

🔐 Gemini Code Assist on GitHub for enterprises delivers AI-powered code reviews across GitHub Enterprise Cloud and privately hosted GitHub Enterprise Server. Organization-level controls let platform teams define a central style guide, set comment severity, and enforce baseline checks while preserving repo-level customization. Built on Google Cloud security and privacy commitments, the public preview includes higher pull-request quotas and stateless prompt handling to protect customer code.

TA585 Deploys MonsterV2 Malware With Sophisticated Delivery

🔍 Proofpoint researchers uncovered TA585, a cybercriminal group that operates its own phishing, delivery and malware infrastructure rather than outsourcing. The actor distributes MonsterV2, a subscription-based RAT/stealer/loader that avoids CIS systems and offers modules like HVNC. Early 2025 campaigns used ClickFix social engineering and compromised sites with fake CAPTCHAs to filter victims and deliver payloads, and organisations should train users to spot ClickFix and restrict PowerShell for non-admins.

Developers Leading AI Transformation Across Enterprise

💡 Developers are accelerating AI adoption across industries by using copilots and agentic workflows to compress the software lifecycle from idea to operation. Microsoft positions tools like GitHub, Visual Studio, and Azure AI Foundry to connect models and agents to enterprise systems, enabling continuous modernization, migration, and telemetry-driven product loops. The shift moves developers from manual toil to intent-driven design, with agents handling upgrades, tests, and routine maintenance while humans retain judgment and product vision.

Astaroth Banking Trojan Uses GitHub to Stay Operational

🔒 Cybersecurity researchers warn of a recent campaign delivering the Astaroth banking trojan that leverages GitHub repositories to host hidden configurations and regain functionality after C2 takedowns. The attack, concentrated in Brazil and across Latin America, begins with a DocuSign-themed phishing message that drops an LNK file which executes obfuscated JavaScript, retrieves an AutoIt loader and ultimately injects a Delphi-based DLL. Astaroth monitors browser activity for banking and cryptocurrency sites, exfiltrates credentials via Ngrok, and employs steganography, anti-analysis checks, and persistent LNK-based startup execution to maintain stealth and resilience.

GitHub Copilot Chat prompt injection exposed secrets

🔐 GitHub Copilot Chat was tricked into leaking secrets from private repositories through hidden comments in pull requests, researchers found. Legit Security researcher Omer Mayraz reported a combined CSP bypass and remote prompt injection that used image rendering to exfiltrate AWS keys. GitHub mitigated the issue in August by disabling image rendering in Copilot Chat, but the case underscores risks when AI assistants access external tools and repository content.

Red Hat Confirms Security Incident After GitHub Claims

🔒 An extortion group calling itself Crimson Collective claims to have exfiltrated nearly 570GB of compressed data from about 28,000 private GitHub repositories, including roughly 800 Customer Engagement Reports (CERs). Red Hat confirmed a security incident tied to its consulting business but would not validate the attackers’ specific claims, saying it has initiated remediation and sees no indication the issue affects its products or software supply chain. The group published directory listings and alleges finding authentication tokens and full database URIs that could be used to access downstream customer infrastructure.

Cloudflare Brings Enterprise Features to All Plans

🔐 Cloudflare announced it will make nearly every feature available for direct purchase on any plan, removing the previous distinction of “enterprise-only” capabilities. The rollout begins today with dashboard SSO, which is now accessible to all customers and supports GitHub social login; many Zero Trust features are available at no cost for up to 50 users. Over the next year Cloudflare will extend this self-service approach to additional capabilities, simplify billing and packaging, and reduce the need to involve sales or solutions engineers, while noting a few region-specific exceptions such as its China Network.

GitHub notifications abused to impersonate Y Combinator

📩 Attackers abused GitHub's notification system to send fake Y Combinator W2026 invitations by creating issues and tagging users so the platform would deliver legitimate-looking emails. The lure promised participation in a purported $15 million funding program and linked to a typo-squatted domain. That site ran obfuscated JavaScript and presented an EIP-712-style wallet verification prompt that, when signed, authorized draining transactions.

GitHub Pages SEO Poisoning Delivers Atomic Stealer

🚨 Attackers are creating convincing GitHub Pages that impersonate well-known brands to trick macOS users into installing the Atomic infostealer. Using SEO poisoning, malicious repositories are promoted in search results and funnel victims through multiple redirects to pages that instruct users to paste a Terminal curl command. That command decodes a base64 URL and executes a script that fetches and runs the Atomic payload. LastPass published IoCs and requested takedowns, but warns the campaign remains active.