GitHub

2 minute read

5,561 GitHub Repositories Hit by Megalodon Supply Chain Attack in Six Hours

SafeDep uncovered the Megalodon attack targeting 5,561 GitHub repositories with malicious CI workflows and cloud credential theft.

byDeeba Ahmed

May 22, 2026

GitHub Hacked: TeamPCP Steals 3,800 Code Repositories via VS Code Extension

3 minute read

GitHub Breach: TeamPCP Steals 3,800 Repositories via VS Code Extension

GitHub Breach: TeamPCP stole 3,800 internal repositories through a malicious VS Code extension and is now selling the data online for $95,000.

byDeeba Ahmed

May 20, 2026

Grafana Says It Rejected Ransom Demand After Source Code Theft

2 minute read

Data Breaches

Grafana Says It Rejected Ransom Demand After Source Code Theft

Grafana says hackers stole its source code after accessing a GitHub token, but no customer data or systems were affected.

byWaqas

May 17, 2026

2 minute read

Google Says Hackers Used AI to Develop a Zero-Day Exploit

Google researchers say hackers used AI to develop zero-day exploits, Android backdoors, and automated supply chain attacks targeting GitHub and PyPI.

byDeeba Ahmed

May 11, 2026

2 minute read

Google Fixes CVSS 10 Gemini CLI Vulnerability Enabling GitHub Issue-Based RCE

Google patches a CVSS 10 Gemini CLI vulnerability that allowed hackers to use prompt injection and privilege escalation for a full supply chain compromise.

byDeeba Ahmed

May 6, 2026

3 minute read

Hackers Use Hidden Website Instructions in New Attacks on AI Assistants

Cybersecurity researchers at Forcepoint uncover new indirect prompt injection attacks that use hidden website code to exploit AI assistants like GitHub Copilot.

byDeeba Ahmed

April 23, 2026

2 minute read

New CGrabber and Direct-Sys Malware Spread Through GitHub ZIP Files

Hackers spread CGrabber and Direct-Sys malware through GitHub ZIP files, bypassing security tools to steal passwords, crypto wallets, and user data.

byDeeba Ahmed

April 17, 2026

3 minute read

North Korean Hackers Abuse GitHub to Spy on South Korean Firms

Researchers from FortiGuard Labs have uncovered a high-severity spying campaign targeting South Korean companies. Discover how North Korean…

byDeeba Ahmed

April 3, 2026

4 minute read

Why GitHub Developers Are Targeted by Token Giveaway Scams

GitHub developers face rising giveaway scams. Verify repos, links, and maintainers before acting. Avoid rushed clicks, fake rewards, and risky wallet actions.

byOwais Sultan

April 2, 2026

OpenAI Codex Vulnerability Allowed Attackers to Steal GitHub Tokens

2 minute read

Security

OpenAI Codex Vulnerability Allowed Attackers to Steal GitHub Tokens

OpenAI Codex vulnerability allowed attackers to steal GitHub tokens via malicious branch names using hidden Unicode command injection flaw.

byDeeba Ahmed

March 30, 2026

The Latest

Fake ChatGPT Desktop App Ads Used to Push Password-Stealing Malware

Hackers Abused Meta’s AI Support Bot to Hijack Major Instagram Accounts

New WordPress Malware Uses Steam Profile Comments to Hide C2 Instructions

Halo Security Honored with 2026 MSP Today Product of the Year Award

GitHub

5,561 GitHub Repositories Hit by Megalodon Supply Chain Attack in Six Hours

GitHub Breach: TeamPCP Steals 3,800 Repositories via VS Code Extension

Grafana Says It Rejected Ransom Demand After Source Code Theft

Google Says Hackers Used AI to Develop a Zero-Day Exploit

Google Fixes CVSS 10 Gemini CLI Vulnerability Enabling GitHub Issue-Based RCE

Hackers Use Hidden Website Instructions in New Attacks on AI Assistants

New CGrabber and Direct-Sys Malware Spread Through GitHub ZIP Files

North Korean Hackers Abuse GitHub to Spy on South Korean Firms

Why GitHub Developers Are Targeted by Token Giveaway Scams

OpenAI Codex Vulnerability Allowed Attackers to Steal GitHub Tokens

Halo Security Honored with 2026 MSP Today Product of the Year Award

RaccoonLine Publishes 2026 dVPN Buyer’s Guide for Privacy-Focused Users

The CISO Whisperer’s Watch List For The Gartner Security & Risk Management Summit 2026

Link11 is fully committed to Europe and is opening a Customer Excellence Hub in Lisbon

Criminal IP Returns to Infosecurity Europe 2026 with Advanced AI-Driven TI & ASM