GitHub’s Malicious Repo Ruckus: The Great GitVenom Scam Uncovered! 🚨

Kaspersky has spotted over 200 fake GitHub repos filled with malicious code. Dubbed GitVenom, this sneaky campaign has been fooling developers for two years, leading to nearly $500,000 in stolen funds. Beware of malicious projects posing as Instagram aggregators or Telegram bots—they’ll swipe passwords and even hijack crypto wallets!

3P
Published: February 26, 2025 7:45 amAdded: February 25, 2025 at 11:51 pmAssembled by: The Editor

Hot Take:

It seems like we’ve got ourselves a good ol’ fashioned cybersecurity jamboree, folks! Kaspersky’s uncovering GitHub shenanigans, DOGE is making government tech go woof, LastPass is causing a CPU revolt, and CISA is adding more bugs to its hit list. Who knew the world of cybercrime and governmental tech could be this entertaining?

Key Points:

  • Kaspersky has identified over 200 fake GitHub repositories spreading malware.
  • The GitVenom campaign is believed to have stolen nearly $500,000.
  • DOGE is accused of compromising government IT security, leading to mass resignations.
  • LastPass users advised to reinstall software due to CPU issues.
  • CISA adds Adobe and Oracle vulnerabilities to its must-patch list.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?