Repositories

GitHub Token Leak Exposes Python’s Core Repositories to Potential Attacks

Jul 15, 2024 by iHash Leave a Comment

Jul 15, 2024NewsroomSupply Chain Attack / Cyber Threat Cybersecurity researchers said they discovered an accidentally leaked GitHub token that could have granted elevated access to the GitHub repositories of the Python language, Python Package Index (PyPI), and the Python Software Foundation (PSF) repositories. JFrog, which found the GitHub Personal Access Token, said the … [Read more...] about GitHub Token Leak Exposes Python’s Core Repositories to Potential Attacks

Critical GitHub Vulnerability Exposes 4,000+ Repositories to Repojacking Attack

Sep 12, 2023 by iHash Leave a Comment

Sep 12, 2023THNSoftware Security / Vulnerability A new vulnerability disclosed in GitHub could have exposed thousands of repositories at risk of repojacking attacks, new findings show. The flaw "could allow an attacker to exploit a race condition within GitHub's repository creation and username renaming operations," Checkmarx security researcher Elad Rapoport said in a … [Read more...] about Critical GitHub Vulnerability Exposes 4,000+ Repositories to Repojacking Attack

Hackers Breach Okta’s GitHub Repositories, Steal Source Code

Dec 22, 2022 by iHash Leave a Comment

Dec 22, 2022Ravie LakshmananSoftware Security / Data Breach Okta, a company that provides identity and access management services, disclosed on Wednesday that some of its source code repositories were accessed in an unauthorized manner earlier this month. "There is no impact to any customers, including any HIPAA, FedRAMP or DoD customers," the company said in a public … [Read more...] about Hackers Breach Okta’s GitHub Repositories, Steal Source Code

Malware Strains Targeting Python and JavaScript Developers Through Official Repositories

Dec 13, 2022 by iHash Leave a Comment

Dec 13, 2022Ravie Lakshmanan An active malware campaign is targeting the Python Package Index (PyPI) and npm repositories for Python and JavaScript with typosquatted and fake modules that deploy a ransomware strain, marking the latest security issue to affect software supply chains. The typosquatted Python packages all impersonate the popular requests library: dequests, … [Read more...] about Malware Strains Targeting Python and JavaScript Developers Through Official Repositories

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Smart Tracker Includes Key Ring – Works with Apple Find My App (2-Pack) for $34

Harmony Premium Plan Lifetime Subscription for $99

Lenovo 11.6" 100e Chromebook 2nd Gen (2019) MediaTek MT8173C 4GB RAM 16GB eMMC (Refurbished) for $54

GitHub Token Leak Exposes Python’s Core Repositories to Potential Attacks

Critical GitHub Vulnerability Exposes 4,000+ Repositories to Repojacking Attack

Hackers Breach Okta’s GitHub Repositories, Steal Source Code

Malware Strains Targeting Python and JavaScript Developers Through Official Repositories