Threat actors are increasingly using GitHub, an open-source development platform, for hosting malware. They abuse GitHub’s secret gists and git commit messages to issue malicious commands, which helps them evade detection tools. Using these public services does not entirely prevent takedowns, but their inherent reliability and low cost make them attractive for building attack infrastructure. ReversingLabs researchers detected several tainted PyPI packages that concealed Base64-encoded URLs pointing to a secret gist hosted on a throwaway GitHub account.
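A defender-side check for the pattern described above, as an added example that is not from ReversingLabs or the original report: it walks the string literals in a package's Python source and flags any that Base64-decode to a URL, marking those that point at a gist host. The host list, function names and sample package content are assumptions constructed for illustration.

```python
import ast
import base64
import binascii
import re

# Hosts this example treats as gist endpoints (an assumption of the example).
GIST_HOSTS = ("gist.github.com", "gist.githubusercontent.com")
B64_RE = re.compile(r"^[A-Za-z0-9+/]{16,}={0,2}$")
URL_RE = re.compile(r"^https?://([^/\s:]+)", re.IGNORECASE)


def decode_b64_url(value):
    """Return the decoded URL if value is Base64 that decodes to an http(s) URL."""
    if not B64_RE.match(value) or len(value) % 4:
        return None
    try:
        text = base64.b64decode(value, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None
    return text if URL_RE.match(text) else None


def scan_source(source, filename="<package file>"):
    """Walk string/bytes literals in Python source and report Base64-hidden URLs."""
    findings = []
    for node in ast.walk(ast.parse(source, filename)):
        if isinstance(node, ast.Constant) and isinstance(node.value, (str, bytes)):
            raw = node.value.decode("ascii", "ignore") if isinstance(node.value, bytes) else node.value
            url = decode_b64_url(raw.strip())
            if url:
                host = URL_RE.match(url).group(1).lower()
                findings.append({"file": filename, "line": node.lineno, "url": url, "gist": host in GIST_HOSTS})
    return sorted(findings, key=lambda f: f["line"])


# Constructed sample: the encoded value is built here from a placeholder URL.
_ENCODED = base64.b64encode(b"https://gist.github.com/example-user/0000placeholder").decode()
SAMPLE = (
    "import base64\n"
    "NAME = 'helper'\n"
    f"CFG = '{_ENCODED}'\n"
    "endpoint = base64.b64decode(CFG).decode()\n"
)

if __name__ == "__main__":
    for finding in scan_source(SAMPLE, "setup.py"):
        print(finding)
```

A literal split across several strings or encoded twice will not match, so a hit is a reason to review the package and a clean result is not proof that it is safe.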