Massive widespread malware attack on GitHub: 35,000 code repos cloned to serve malware
added on 2022/08/04 @ 14:12:09 | 199 views| category: hacking-security

Thousands of GitHub repositories were copied with their clones altered to include malware, a software engineer discovered today.

While cloning open source repositories is a common development practice and even encouraged among developers, this case involves threat actors creating copies of legitimate projects but tainting these with malicious code to target unsuspecting developers with their malicious clones.

GitHub has purged most of the malicious repositories after receiving the engineer's report.