A study has revealed the presence of 4.5 million fake stars on the GitHub platform, potentially escalating the visibility of malicious repositories associated with scam activities. These stars are similar to social media likes and help to increase a repository’s ranking and recommendations. Researchers have urged users to consider factors other than star count when assessing a repository. GitHub has started taking measures against these fake stars.

Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)
A suspected Chinese advanced persistent threat (APT) group exploited CVE-2025-22457, a previously unexploitable buffer overflow bug, to compromise devices running Ivanti Connect Secure (ICS) and