7 matches found
15,000 Go Module Repositories on GitHub Vulnerable to Repojacking Attack
New research has found that over 15,000 Go module repositories on GitHub are vulnerable to an attack called repojacking. "More than 9,000 repositories are vulnerable to repojacking due to GitHub username changes," Jacob Baines, chief technology officer at VulnCheck, said in a report shared with T...
Critical GitHub Vulnerability Exposes 4,000+ Repositories to Repojacking Attack
A new vulnerability disclosed in GitHub could have exposed thousands of repositories at risk of repojacking attacks, new findings show. The flaw "could allow an attacker to exploit a race condition within GitHub's repository creation and username renaming operations," Checkmarx security researche...
Attacks, Vulnerabilities and Actors 26 June to 2 July 2023
For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of four attacks executed, taking advantage of three different vulnerabilities in...
Millions of Github Repository susceptible to Repojacking
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Millions of GitHub repositories may be vulnerable to Repojacking, which could lead to large-scale supply chain attacks. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn...
Alert: Million of GitHub Repositories Likely Vulnerable to RepoJacking Attack
Millions of software repositories on GitHub are likely vulnerable to an attack called RepoJacking, a new study has revealed. This includes repositories from organizations such as Google, Lyft, and several others, Massachusetts-based cloud-native security firm Aqua said in a Wednesday report. The...
Alert: Million of GitHub Repositories Likely Vulnerable to RepoJacking Attack
Millions of software repositories on GitHub are likely vulnerable to an attack called RepoJacking , a new study has revealed. This includes repositories from organizations such as Google, Lyft, and several others, Massachusetts-based cloud-native security firm Aqua said in a Wednesday report. The...
GitHub Repojacking Bug Could've Allowed Attackers to Takeover Other Users' Repositories
Cloud-based repository hosting service GitHub has addressed a high-severity security flaw that could have been exploited to create malicious repositories and mount supply chain attacks. The RepoJacking technique, disclosed by Checkmarx, entails a bypass of a protection mechanism called popular...