The Hacker News

TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials

Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor ...
Ars Technica

GitHub abused to distribute payloads on behalf of malware-as-a-service

Researchers from Cisco’s Talos security team have uncovered a malware-as-a-service operator that used public GitHub accounts as a channel for distributing an assortment of malicious software to ...
Mactrast

GhostClaw Malware Takes Advantage of Developers’ GitHub Habits to Target Mac Users

A new bit of macOS malware called GhostClaw takes advantage of developer's GitHub habits to spread across GitHub and AI ...