Researchers have identified a campaign using GitHub-hosted Python repositories to spread a new JavaScript-based Remote Access Trojan called PyStoreRAT. This malware executes various malicious commands and targets cryptocurrency files, leveraging fake tools to deceive users into downloading it. The operation shows signs of being linked to Eastern European threat actors.

A hacker is exploiting GitHub by distributing backdoored source code, specifically targeting hackers, gamers, and researchers. The malicious repositories, linked to the publisher "ischhfd83," deploy hidden backdoors through various means, leading to the installation of remote access trojans and info-stealers, which pose significant risks to users who compile the code. Sophos researchers warn of the sophisticated multi-step infection process that follows the download of these trojanized files.

A vulnerability in GitHub Copilot Chat, discovered by Legit Security, allowed the leakage of sensitive data such as AWS keys and zero-day bugs from private repositories. By exploiting hidden comments and remote prompt injection, attackers could control Copilot's responses and exfiltrate sensitive information from users. GitHub has since addressed the issue by blocking the method used for data leakage.

A new cyber threat named GhostAction has been identified, targeting GitHub projects and stealing sensitive information such as API keys and secrets. The attack exploits vulnerabilities in software development practices, leading to potential data breaches and compromised projects for developers. Security experts urge developers to enhance their security measures to mitigate risks associated with these attacks.

The article discusses a malware issue affecting GitHub users on macOS, highlighting how this malware can compromise systems and steal sensitive information. It emphasizes the importance of maintaining security practices and being aware of potential threats when using software development tools.

Over 500 NPM packages were compromised by a self-replicating worm called Shai-Hulud, prompting the US Cybersecurity and Infrastructure Security Agency (CISA) to issue an alert for developers to secure their credentials and review dependencies. GitHub is implementing stricter authentication and security measures to prevent future attacks.

Researchers have discovered a new data-stealing malware called "Banana Squad" that is being distributed through GitHub repositories. This malware targets sensitive user information and is linked to various malicious activities, raising concerns about the safety of open-source software hosting platforms. Users are advised to be vigilant and avoid downloading suspicious repositories to protect their data.