Today
all Provident AMD Remark security social Research rights
Today news
About the same in other media
More
Provident AMD Remark security social Research rights

GitHub is under automated attack by millions of cloned repositories filled with malicious code

Provident AMD Remark security social Research rights
Reading now: 687
pcgamer.com
pcgamer.compcgamer.com:

GitHub has become a vital resource for programmers the world over, and an extensive knowledge base and repository for open-source coding projects, data storage and code management. However, the site is currently undergoing an automated attack involving the cloning and creation of huge numbers of malicious code repositories, and while the developers have been working to remove the affected repos, a significant amount are said to survive, with more uploaded on a regular basis.

An unknown attacker has managed to create and deploy an automated process that forks and clones existing repositories, adding its own malicious code which is concealed under seven layers of obfuscation (via Ars Technica). These rogue repositories are difficult to tell from their legitimate counterparts, and some users unaware of the malicious nature of the code are forking the affected repos themselves, unintentionally adding to the scale of the attack.

Once a developer makes use of an affected repo, a hidden payload begins unpacking seven layers worth of obfuscation, including malicious Python code and a binary executable. The code then sets to work collecting confidential data and login details before uploading it to a control server.

Research and data teams at security provider Apiiro have been monitoring a resurgence of the attack since its relatively minor beginnings back in May of last year. And while the company says that GitHub has been quickly removing the affected repositories, its automation detection system is still missing many of them, and manually uploaded versions are still slipping the net. 

Given the current scale of the attack, said by the researchers to be in the millions of uploaded or forked repositories, even a 1% miss-rate still means potentially thousands of compromised repos still on the site.

While the attack was initially somewhat small-scale when it was first documented, with several packages detected on the site with early versions of the malicious code, it has

Read more on pcgamer.com
All news from pcgamer.com
About this in other media
gamesradar.com
Guardians Of The Galaxy star Dave Bautista would return to the MCU, under one condition gamesradar.com /11 months ago
tech.hindustantimes.com
10 Best laptop under ₹60000: Lenovo Vs Asus tech.hindustantimes.com /11 months ago
tech.hindustantimes.com
Xiaomi phones under ₹15,000: 10 best feature-rich phones within budget tech.hindustantimes.com /11 months ago
Show more
The website gamebastion.com is an aggregator of news from open sources. The source is indicated at the beginning and at the end of the announcement. You can send a complaint on the news if you find it unreliable.

Related News

31.03 / 01:05
gamerant.com
Xbox One Minecraft PS4 Adorable Fan-Made Turn Minecraft Into a 2D Game
As a game built around the very spirit of creativity, it's not surprising that the Minecraft community frequently shows off some incredible creations, though one project recently shared by a talented fan presents what Minecraft itself might look like if it was a fully 2D side-scrolling game instead of the huge 3D sandbox it's known as. Various fan games inspired by Minecraft in the past have taken the form of such a 2D game, and even some official artwork for the game pays homage to this classic 2D style.
31.03 / 01:05
gamerant.com
Xbox Series X Bethesda Starfield Player Recreates Anakin’s Starship from Star Wars
31.03 / 01:05
gamerant.com
Platform Amouranth Has Been Banned From Twitch For the 9th Time
31.03 / 01:05
gamerant.com
Sony PS5 Spider-Man Marvel's Spider-Man 2 Fan Creates Variant Concepts For The Game's Movie Suits
31.03 / 01:05
gamerant.com
Xbox One Minecraft PS4 Disturbing Minecraft Fan Theory Will Have Players Wishing They Never Ate Mushroom Soup
31.03 / 01:05
gamerant.com
Xbox One PS4 Red Dead Redemption 2 Player Notices Interesting Dutch Detail While Modding
31.03 / 00:35
comingsoon.net
Chance Pedromo Passes Away, Gen V Star Was 27
31.03 / 00:35
comingsoon.net
Gigantic: Rampage Edition Trailer Previews New Character for Hero Shooter
30.03 / 23:56
gamerant.com
Xbox One Xbox Series X Killer Instinct Update Patch Notes Revealed
30.03 / 23:56
gamerant.com
Xbox Series X Palworld Teases Big Building System Expansion
30.03 / 23:56
gamerant.com
Sony PS5 Helldivers 2 Player Discovers Amazing Use For New Stratagem
30.03 / 23:55
gamerant.com
Xbox One Halo Infinite Xbox Series X Microsoft Halo Halo Infinite Player Recreates Combat Evolved’s Intro in Forge
30.03 / 23:55
gamerant.com
Android Pokemon Go Pokémon Pokemon GO Players Aren't Happy About Big Shadow Mewtwo Raid Restriction
30.03 / 23:55
gamerant.com
Xbox One Xbox Series X PS4 PS5 Call of Duty: Modern Warfare 3 Bringing Back OP Weapon Setup From The OG MW2
30.03 / 23:55
gamerant.com
Xbox One Xbox Series X Palworld Image Shows What Leezpunk Looks Like Without Its Jacket
30.03 / 23:55
gamerant.com
Xbox One PS4 Red Dead Online Player Creates Barbie in the Game
30.03 / 23:55
gamerant.com
Fallout Bethesda Fallout Fan Creates Amazing Mini-Nuke Replica
30.03 / 23:55
gamerant.com
Xbox Series X PS5 Baldur's Gate 3 Baldur’s Gate 3 Fan Creates Impressive Bart Simpson and Astarion Crossover Artwork
30.03 / 23:55
gamerant.com
Xbox One Android PS4 Stardew Valley Player Loses Out on Over $200,000 Worth of Starfruit Wine Thanks to Penny
30.03 / 23:47
pcgamer.com
UPS CEO Cyberpunk skeleton CD Projekt Red says the next Witcher game is 'not just repeating what was done before' as the dev team ramps up to over 400
30.03 / 23:47
pcgamer.com
Fighting UPS Tekken director asks why Americans want Waffle House to be a stage in Tekken 8
30.03 / 23:47
pcgamer.com
Strategy UPS boxing Coffee Stain set to publish a stylishly strange-looking new deckbuilder
30.03 / 23:39
thegamer.com
Progressive Reddit War Helldivers 2 Players Are Mad At Each Other For Attacking The "Wrong" Planets
30.03 / 23:39
thegamer.com
LEGO Official Sonic Account Makes Fun Of Toxic Fans
30.03 / 23:13
screenrant.com
UPS Gaming South Park: Snow Day's Biggest Mistake Is Cutting One Key Element Of The Show
30.03 / 23:13
screenrant.com
Gaming One Of Sims 4's Most Annoying EA Features Is Now Gone Thanks To Fan
30.03 / 23:13
screenrant.com
Gaming Where Is Blaidd After Finishing Ranni's Quest In Elden Ring?
30.03 / 22:55
rockpapershotgun.com
RPG PC Xbox One PS4 PS5 shooter CD Projekt Red still 'don't see a place for microtransactions' in singleplayer games
30.03 / 22:27
pcgamer.com
Puzzle UPS boxing War Today's Wordle answer for Saturday, March 30
30.03 / 22:23
rockpapershotgun.com
New Quest apps will be unable to support Oculus Quest 1 headsets from May
30.03 / 22:17
gamesradar.com
UPS Reddit Helldivers 2's new Quasar Cannon Stratagem is a hit, and you can tell players truly love it because they're already begging Arrowhead not to nerf it
30.03 / 21:51
rockpapershotgun.com
RPG PC PS4 Indie platformer Rain World is getting a new DLC starring the mysterious Nightcat
30.03 / 21:44
gamerant.com
Xbox One Xbox Series X PS4 PS5 Big Dragon Ball FighterZ Fix Likely Coming in April
30.03 / 21:43
gamerant.com
Android Nintendo Fire Emblem Heroes Getting New Update on April 3
30.03 / 21:43
gamerant.com
Xbox Series X Palworld Highlights 4 Jaw-Dropping Bases
30.03 / 21:43
gamerant.com
Microsoft Gamer Buys Classic Xbox 360 Console and Makes Huge Mistake
30.03 / 21:43
gamerant.com
PS5 Mihoyo Honkai: Star Rail Honkai: Star Rail Leaks Boothill's Gameplay Animations
30.03 / 21:43
gamerant.com
Xbox Series X PS5 Baldur's Gate 3 Baldur’s Gate 3 Player Discovers Hidden Tattoo Detail After 400 Hours
30.03 / 21:43
gamerant.com
Android Pokemon Go Pokémon Pokemon GO Code Gets You 10 Purified Gems for Free
30.03 / 21:43
gamerant.com
Xbox One PS4 Nintendo Stardew Valley Player Vandalizes Pierre's Shop With Joja Items
30.03 / 21:43
gamerant.com
Xbox Series X Bethesda Starfield Player is Attempting to Recolonize Earth
30.03 / 21:43
gamerant.com
PS5 Final Fantasy 7 Rebirth Platinum Trophy is Currently Impossible to Earn for Some Players
30.03 / 21:29
wowhead.com
Warcraft Action UPS Plunderstorm Creator Royale Victory Claimed by Kenny & Lapi
30.03 / 20:59
screenrant.com
Party Adventure Provident Gaming 6 D&D Magic Items & Spells That Are Really Just Helping You Break The Rules
30.03 / 20:59
screenrant.com
Overwatch 2 Gaming Overwatch 2 Is Failing Its Way Into Reinventing Overwatch 1
30.03 / 20:59
screenrant.com
Gaming Secret Starfield Easter Egg Shows Bethesda Really Does Care About Realism
30.03 / 20:23
ign.com
RPG Persona Daily Deals: Persona 3 Reload, Like a Dragon: Infinite Wealth, Resident Evil 4
30.03 / 19:21
wowhead.com
Trios Coming to Plunderstorm Next Week!
30.03 / 19:19
digitaltrends.com
UPS Digital Nintendo Nintendo Switch 2: release date rumors, features we want, and more
30.03 / 18:53
gamerant.com
Android New Sonic Toys Party Leak Show Off Stages and Playable Character Costumes
30.03 / 18:53
polygon.com
Puzzle UPS Ironically, Renegade Nell would benefit from some rules
30.03 / 18:53
gamerant.com
Nintendo Princess Peach: Showtime Sales Beat PS5 Exclusive in at Least 1 Region
30.03 / 18:53
polygon.com
UPS Provident Booking War Don’t have the time to read (or watch) Shōgun? Get the audiobooks for just $10
30.03 / 18:53
gamerant.com
Xbox One Android PS4 New Stardew Valley Crop is Perfect for Leveling Up Fast
30.03 / 18:53
polygon.com
Dreams UPS Cloud’s unreliable narration only makes Final Fantasy 7 Rebirth’s ending more confusing
30.03 / 18:53
polygon.com
Extreme Sydney Sweeney only does projects that scare her
30.03 / 18:53
gamerant.com
Android PS5 Mihoyo Honkai: Star Rail Honkai: Star Rail Leak Hints at Quality-of-Life Update in Version 2.2
30.03 / 18:51
howtogeek.com
Android 10 Reasons Why I Love Having a Stylus for My Android Phone
30.03 / 18:51
howtogeek.com
Provident Google Android Samsung Care+ Gives Your Galaxy Phone Unlimited Battery Repairs
30.03 / 18:51
howtogeek.com
Provident Google Android Buying an Android Auto Wireless Adapter? Run This Tool First
30.03 / 18:51
howtogeek.com
Gaming Save Big on Gaming Monitors During Samsung's Gaming Week Sale
30.03 / 18:51
howtogeek.com
Why I Prefer Playing PC Games on a Handheld Over a Desktop
30.03 / 18:51
howtogeek.com
Android The Best Phones Have Boring Designs (And That's a Good Thing)
30.03 / 18:47
thegamer.com
Digital It's Impossible To Platinum Final Fantasy 7 Rebirth Without A Physical Copy
30.03 / 18:27
screenrant.com
Baldur's Gate 3 Gaming In Baldur's Gate 3, Bards Aren't The Only Master Manipulators In The Game
30.03 / 18:11
thegamer.com
UPS Cyberpunk CD Projekt Red Doesn't "See A Place" For Microtransactions In Single-Player Games
30.03 / 17:31
screenrant.com
PlayStation 5 Gaming 15 Rarest PS3 Games (& What They're Worth In 2022)
30.03 / 17:29
gamerant.com
Sony Former PlayStation Boss Reveals Updated PS2 Sales Numbers
30.03 / 17:29
gamerant.com
A Bunch of EA Games Just Got Added to the Epic Games Store
30.03 / 17:29
gamerant.com
Amouranth and KSI Announce New Business Collaboration
30.03 / 17:29
gamerant.com
Persona PS4 PS5 Atlus Confirms Unsettling Fan Theory About Persona 5 Royal's Ending
30.03 / 17:29
gamerant.com
Xbox One Xbox Series X Pocketpair Community Manager Reacts to 'Palworld Killer' Game
30.03 / 17:29
gamerant.com
Xbox Series X PS5 Tekken 8 Tekken 8 Director Responds to Waffle House Stage Requests
30.03 / 17:29
gamerant.com
Sony PS5 PS5 Pro Enhanced Requirements Leak Online
30.03 / 17:29
gamerant.com
Android Pokemon Go Pokemon GO Player Has Unexpected Zorua Encounter
30.03 / 17:29
gamerant.com
PS4 PS5 Mihoyo Genshin Impact Genshin Impact Developer Teases Major Plot Points Coming in Future Content
30.03 / 17:19
wowhead.com
UPS Diablo Big Quality of Life Changes Coming in Diablo 4 Season 4 - Interactable Channel Times, Traversal Skills on Console
30.03 / 17:19
wowhead.com
Warcraft Action Plunderstorm Creator Royale Now Live
30.03 / 17:07
comingsoon.net
Kristen Stewart: ‘It Sounds Like a F—Ing Nightmare’ Doing a Marvel Movie
30.03 / 17:05
wccftech.com
Ubisoft UPS Provident NVIDIA Inworld AI NPC GDC 2024 Hands-on – NVIDIA and Ubisoft Show a Glimpse of the Future
Latest News
Main Page
Persons
Shuhei Yoshida 39
Dustin Bailey 449
Art 2287
all persons
Places
city Rome 98
county Early 666
Netflix 932
all places
Microsoft trained an AI to play (and maybe develop) games
Secretlab reveals a new Monster Hunter Wilds gaming chair, and I already want to sit in it
Disney Lorcana Unveils Enchanted & Set Championship Cards For Archazia’s Island
Sony Learned The Wrong Lesson From The PS5’s 2024 Success
Avowed Has Everything It Needs To Make The Perfect Tabletop RPG
About Us

Gamebastion.com is the biggest games news hub for the gamers all around the world. It is your source of the latest video game news, reviews, previews, podcasts, the most exciting releases, interviews with the video gaming industry's biggest names and other gaming features. Enjoy reading just the most authoritative, up-to-date news and headlines from the video games and entertainment industry at Gamebastion. The biggest video game news, rumors, previews, and other info about the PC, PS4, Xbox, Switch, & mobile titles you play. Stay tuned & well informed 24/7 with us!

gamebastion.com

Categories
Info
For advertisers
Add news
Add Post

©2025. All rights reserved.

DMCA