GitHub’s repository system has been targeted by a malware operation designed to steal information. It uses fake software downloads and gaming mods to deliver the Redox information stealer, using social engineering and code obfuscation to harvest sensitive data, including cryptocurrency wallets and gaming accounts. The attack chain begins with free versions of premium software or gaming utilities, housing a Python-based malware payload. Only 11 out of 351 malicious repositories had user warnings about their true nature.
MedCity Pivot Podcast: Being Clear About Cybersecurity
The current season of a cybersecurity podcast recently featured David Bardan, general manager of the healthcare business at Clear, a company that specialises in confirming
