![]() ![]() In the era of pervasive AI integration, Microsoft has a prime opportunity to prioritize internal security measures before expanding outward. Microsoft tries to be a global leader in security but has a lot of in-house issues it needs to address. GitHub isn't the only cybersecurity issue Microsoft is facing. ![]() Be careful when downloading any code from GitHub until Microsoft can handle this issue. ![]() Look for any code communicating with social media platforms or crypto wallets. The best practice is to run code in a sandbox to protect your primary PC. Look for Python patterns in your PC environment that match these code strings: If you want to check your PC for these files, that would be highly time-consuming. Apiiro provided a VirusTotal graph with some of the malicious files discovered. Suppose you want to check if your PC is infected. You probably can't rely on Microsoft and GitHub to keep you safe if you are a heavy GitHub user. As these attacks continue, more and more users could be infected. This attack seems to be a whack-a-mole situation where GitHub will have to try to detect this code after it is uploaded and possibly once it's too late. This attack started in May of 2023 but has grown exponentially. What can Microsoft do to make GitHub safe?Īccording to the report, " GitHub was notified, and most of the malicious repos were deleted, but the campaign continues, and attacks that attempt to inject malicious code into the supply chain are becoming increasingly prevalent."
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |