腾讯网

威胁情报周报:Codespaces远程代码执行、AsyncRAT C2、BYOVD滥用、AI云入侵 ...

本周没有产生一个重大头条新闻,而是产生了许多小信号——这种信号悄无声息地塑造着未来攻击的模样。 研究人员追踪到从普通场所开始的入侵:开发者工作流、远程工具、云访问、身份路径,甚至是常规用户操作。表面上看起来都不起眼,这正是关键所在。
Bleeping Computer

Hackers can use GitHub Codespaces to host and deliver malware

Researchers have demonstrated how threat actors can abuse the GitHub Codespaces' port forwarding' feature to host and distribute malware and malicious scripts. GitHub Codespaces allows developers to ...
Infosecurity-magazine.com

Malicious Commands in GitHub Codespaces Enable RCE

A set of attack vectors in GitHub Codespaces have been uncovered that enable remote code execution (RCE) by opening a malicious repository or pull request. The findings by Orca Security, show how ...
CSOonline

How attackers might use GitHub Codespaces to hide malware delivery

A feature that allows developers to make applications accessible by a public GitHub URL could enable attackers to deliver malware and avoid detection. Attackers could start abusing GitHub Codespaces, ...