GitHub Security Alert: Malicious Code Discovered in Popular Action Affecting Thousands of Repositories A significant security vulnerability has been identified in the GitHub Action ‘tj-actions/changed-files,’ which has implications for over 23,000 repositories. This issue was brought to light by StepSecurity’s CI/CD security solution, Harden-Runner, drawing attention to the potential risks…
3rd Party Risk Management: Governance & Risk Management Over 23,000 Code Repositories Compromised Following Malicious Code Injection into GitHub Actions By Mathew J. Schwartz (euroinfosec) March 17, 2025 In a significant cybersecurity incident, attackers have compromised a popular tool integral to software development on GitHub, potentially exposing sensitive information from…
Cybersecurity Weekly Recap: Notable Incidents and Emerging Threats In a concerning development this week, cybersecurity experts have reported a surge in malicious activities targeting organizations across various sectors. One of the most alarming incidents involves a new scam campaign that utilizes physical letters falsely attributed to the notorious BianLian ransomware…
Over the past year, there have been a staggering 502 security incidents across major platforms, including 48 categorized as high-risk, leading to a combined total of 955 hours of significant and critical interruptions—equivalent to an astonishing 120 business days. These findings come from ‘The DevOps Threats Unwrapped’ report, compiled by…
Lazarus Group Strikes Again: Malicious Packages Discovered in npm Repository The notorious Lazarus Group, an advanced persistent threat (APT) linked to the North Korean government, has resurfaced with a new campaign, infiltrating the npm software repository—a vital resource for developers globally. Research from the Socket Research Team has revealed the…
Major Cyber Campaign Targets Nearly 1 Million Devices: A Review of the Multi-Stage Attack A comprehensive cyber campaign has recently come to light, targeting almost one million devices across a broad spectrum of individuals and organizations. This indiscriminate approach highlights a significant opportunistic strategy employed by the attackers, who aimed…
North Korea continues to be a formidable force in the realm of cybercrime, particularly targeting financial institutions and cryptocurrency platforms to sustain its military efforts, including nuclear and missile development programs. Recent analysis by security specialists from Nisos has uncovered a new tactic employed by North Korean hackers: using social…
Microsoft’s Copilot tool continues to access sensitive data despite the company’s efforts to restrict its use of removed resources from GitHub. A recent investigation by Lasso has uncovered that Microsoft’s attempts to limit access to a specialized Bing interface—which had previously been available at cc.bingj.com—have proven inadequate. Notably, while public…
Security Breach Exposes Sensitive Data at UnitedHealth Group and Highlights AI Vulnerabilities In what is now considered the largest medical data breach in U.S. history, UnitedHealth Group disclosed a ransomware attack on its subsidiary, Change Healthcare. The incident, which occurred in February 2024, compromised the personal and health information of…
