On Wednesday, it was mistakenly claimed that 35,000 projects on GitHub had been affected by a malware attack. After some investigation, the attack turned out to be the cloning of thousands of projects, with malicious code added to the clones. This malicious code pulls a copy of all the environment (ENV) variables, sends them to a remote command-and-control server, and sets up a backdoor. GitHub has since removed the malicious repositories.
Using Microsoft Sentinel to Detect Confluence CVE-2022-26134 Exploitation
By Akshay Rohatgi and Randy Pargman

About this Student Research Project

Binary Defense’s mission is