Threat Actor Exploit GitHub and Hosted 60 GitHub Repositories with 100s of Malware
gbhackers
A threat actor group known as Banana Squad has been found exploiting GitHub, a cornerstone platform for developers worldwide, by hosting over 60 malicious repositories containing hundreds of trojanized Python files.
Discovered by the ReversingLabs threat research team, this campaign represents a shift toward stealthier and more sophisticated tactics in open-source exploitation.
Sophisticated Supply Chain Attack Targets Developers
While the volume of malicious packages on repositories like npm and PyPI has reportedly declined, the cunning use of platforms like GitHub highlights a growing trend where attackers masquerade malicious code as legitimate tools to deceive unsuspecting developers.
Banana Squad, first identified by Checkmarx in October 2023, has a history of aggressive campaigns, initially deploying hundreds of malicious packages since April 2023, accumulating nearly 75,000 downloads before mitigation.
Their latest operation, uncovered in November 2024 by researchers ...
Copyright of this story solely belongs to gbhackers . To see the full text click HERE