
GitHub besieged by millions of malicious repositories in ongoing attack


GitHub keeps removing malware-laced repositories, but thousands remain.

An unknown party has automated a process that forks legitimate repositories. Forking copies the source code so that developers can use it in an independent project that builds on the original one. “Most of the forked repos are quickly removed by GitHub, which identifies the automation,” Matan Giladi and Gil David, researchers at security firm Apiiro, wrote Wednesday. Supply-chain attacks that target users of developer platforms have existed since at least 2016, when a college student uploaded custom scripts to RubyGems, PyPI, and NPM.
