privacysavvy

privacysavvy

Wednesday, May 1, 2024

GitLab にも GitHub スタイルの コメント悪用の問題:マルウェアのホスティングが容易になる

Read on blog or Reader
Site logo image IoT OT Security News Read on blog or Reader

GitLab にも GitHub スタイルの コメント悪用の問題:マルウェアのホスティングが容易になる

Aiototsec

April 21

GitLab affected by GitHub-style CDN flaw allowing malware hosting

2024/04/22 BleepingComputer --- 先日に BleepingComputer は、GitHub の欠陥 (あるいは設計上の仕様) を悪用する脅威アクターが、Microsoft のリポジトリに関連付けられた URL を介して、信頼できるファイルを装いながら、マルウェアを配布していることを報告した。この問題は、GitLab に対しても影響を及ぼすものであり、同様の方法で悪用される可能性が生じることが判明した。このマルウェアに関連する活動の大半は、Microsoft GitHub の URL に基づくものだった。しかしこの "欠陥" は、GitHub や GitLab の、あらゆる公開リポジトリで悪用が可能であり、きわめて説得力のあるルアーを、脅威アクターたちは作成できるという。

Continue reading GitLab にも GitHub スタイルの コメント悪用の問題:マルウェアのホスティングが容易になる
Like

IoT OT Security News © 2024. Manage your email settings or unsubscribe.

WordPress.com and Jetpack Logos

Get the Jetpack app

Subscribe, bookmark, and get real-time notifications - all from one app!

Download Jetpack on Google Play Download Jetpack from the App Store
WordPress.com Logo and Wordmark title=

Automattic, Inc. - 60 29th St. #343, San Francisco, CA 94110  

at May 01, 2024
Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest

No comments:

Post a Comment

Newer Post Older Post Home
Subscribe to: Post Comments (Atom)

GC property cat rate indices fall 12% to 15% at 1/1

Rates-on-line are down 12% globally, in the US and APAC, but 15% in Europe the data shows ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌...

  • [New post] Norwegian Black Metal Bands – Satanic or Psychotic?
    Dawn ...
  • [New post] Estrazioni Lotto di oggi martedì 30 novembre 2021
    Redazione News posted: "Seguite su Cyberludus.com la diretta delle estrazioni di Lotto, 10eLotto e Superenalotto di martedì...
  • [New post] After Announcing a New CEO, is Lordstown Motors Worth Buying?
    Editorial Team posted: "To improve its market reputation and streamline its operations, on Aug. 26 electric vehicle (EV) ma...

Search This Blog
  • Home

About Me

privacysavvy
View my complete profile

Report Abuse

Blog Archive

  • December 2025 (79)
  • November 2025 (73)
  • October 2025 (88)
  • September 2025 (79)
  • August 2025 (71)
  • July 2025 (89)
  • June 2025 (78)
  • May 2025 (95)
  • April 2025 (85)
  • March 2025 (78)
  • February 2025 (31)
  • January 2025 (50)
  • December 2024 (39)
  • November 2024 (42)
  • October 2024 (54)
  • September 2024 (83)
  • August 2024 (2665)
  • July 2024 (3210)
  • June 2024 (2908)
  • May 2024 (3025)
  • April 2024 (3132)
  • March 2024 (3115)
  • February 2024 (2893)
  • January 2024 (3169)
  • December 2023 (3031)
  • November 2023 (3021)
  • October 2023 (2352)
  • September 2023 (1900)
  • August 2023 (2009)
  • July 2023 (1878)
  • June 2023 (1594)
  • May 2023 (1716)
  • April 2023 (1657)
  • March 2023 (1737)
  • February 2023 (1597)
  • January 2023 (1574)
  • December 2022 (1543)
  • November 2022 (1684)
  • October 2022 (1617)
  • September 2022 (1310)
  • August 2022 (1676)
  • July 2022 (1375)
  • June 2022 (1458)
  • May 2022 (1297)
  • April 2022 (1464)
  • March 2022 (1491)
  • February 2022 (1249)
  • January 2022 (1282)
  • December 2021 (1663)
  • November 2021 (3139)
  • October 2021 (3253)
  • September 2021 (3136)
  • August 2021 (732)
Powered by Blogger.