Tag: malicious code

code data, agentic, JFrog, security, devsecops, Digma, code, Go, code, kernel, eBPF, Veracode GitKraken JFrog GitGuardian organizations, quality fear unknown software app Rust Contrast Security Adds API Support to Application Security Platform

Typosquat Supply Chain Attack Targets Go Developers

Jeff Burt | February 5, 2025 | GitHub repositories, Golang, malicious code, software supply chain attacks

A backdoor that impersonates a widely used database module in the popular Go programming language can give hackers control of infected systems, according to a senior threat intelligence analyst with developer-focused platform ...

repositories, GitHub, Arm, extension, GitHub, Copilot, Git, bloat, malicious, GitLab, memory-safe, CISA, agency, Skillsoft GitHub GitKraken code QA

More Than 3,000 ‘Ghost’ Accounts Spreading Malware on GitHub

Jeff Burt | July 25, 2024 | GitHub repositories, malicious code, malware, software supply chain attacks

GitHub and similar open-source code and project repositories have become a common target of cybercriminals looking to lure developers into unknowingly downloading malicious scripts ...

Endor, SCA, supply chain, security, workflows, supply chain, software, supply chain security, appsec, polyfill, software, supply chains, DevOps, DevSecOps, Google supply chain

Polyfill Becomes a Supply-Chain Risk to 100,000 Websites

Jeff Burt | June 28, 2024 | JavaScript, malicious code, Polyfill

A Chinese company in February bought the domain and GitHub account for Polyfill, a popular open-source library used by more than 100,000 websites to deliver JavaScript code ...

Checkmarx Report Highlights Need for AppSec Collaboration

Mike Vizard | May 9, 2022 | Checkmarx, cyberattack, malicious code, Python, Ruby

A research report published by Checkmarx finds the same basic malicious software developed using multiple programming languages as cyberattackers industrialize their malware development processes. Checkmarx, a provider of code scanning tools, shared ...