Techly NewsGet the app

Get the latest tech news

Over 100,000 Infected Repos Found on GitHub


The Apiiro research team has detected a repo confusion campaign that has evolved and expanded, impacting over 100k GitHub repos with malicious code.

Our security research and data science teams detected a resurgence of a malicious repo confusion campaign that began mid-last year, this time on a much larger scale. Because of the operation’s large scope, this campaign has a sort of 2nd-order social engineering network effect when, every now and then, naive users fork the malicious repos without realizing they are spreading malware. There are countless solutions for catching malware at the system and network levels, but the supply chain remains a massive and lucrative attack surface for malicious actors.

Get the Android app

Or read this on r/technology

Read more on:

Photo of GitHub

GitHub

Photo of infected repos

infected repos

Related news:

News photo

GitHub enables push protection by default to stop secrets leak

News photo

GitHub besieged by millions of malicious repositories in ongoing attack

News photo

GitHub Besieged By Millions of Malicious Repositories In Ongoing Attack

« Tesla must face race bias class action by 6,000 Black US workers
AI chatbots are serving up wildly inaccurate election information, new study says »