Mozilla Warns GitHub Repos Can Trick AI Tools Into Hacking Your PC

Christopher Harper is a tech writer with over a decade of experience writing how-tos and news. Off work, he stays sharp with gym time & stylish action games.

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
Bleeping Computer

New York Times warns freelancers of GitHub repo data breach

The New York Times notified an undisclosed number of contributors that some of their sensitive personal information was stolen and leaked after its GitHub repositories were breached in January 2024.
Dark Reading

GitHub 'OpenClaw Deployer' Repo Delivers Trojan Instead

A widespread AI-assisted campaign promoting an OpenClaw Docker deployer package is spreading more than 300 Trojanized GitHub packages targeting developers and gamers alike with a data-stealing Trojan.
Dark Reading

Hackers Create Legit Phishing Links With Ghost GitHub, GitLab Comments

Hackers are using unpublished GitHub and GitLab comments to generate phishing links that appear to come from legitimate open source software (OSS) projects. The clever trick, first described by Sergei ...
Krebs on Security

CISA Admin Leaked AWS GovCloud Keys on Github

Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS ...