GitHub abused to distribute payloads on behalf of malware-as-a-service

17 July 2025 at 22:16

Researchers from Cisco’s Talos security team have uncovered a malware-as-a-service operator that used public GitHub accounts as a channel for distributing an assortment of malicious software to targets.

The use of GitHub gave the malware-as-a-service (MaaS) a reliable and easy-to-use platform that’s greenlit in many enterprise networks that rely on the code repository for the software they develop. GitHub removed the three accounts that hosted the malicious payloads shortly after being notified by Talos.

“In addition to being an easy means of file hosting, downloading files from a GitHub repository may bypass Web filtering that is not configured to block the GitHub domain,” Talos researchers Chris Neal and Craig Jackson wrote Thursday. “While some organizations can block GitHub in their environment to curb the use of open-source offensive tooling and other malware, many organizations with software development teams require GitHub access in some capacity. In these environments, a malicious GitHub download may be difficult to differentiate from regular web traffic.”

ChatGPT’s deep research tool gets a GitHub connector to answer questions about code

8 May 2025 at 20:27

OpenAI is enhancing its AI-powered “deep research” feature with the ability to analyze codebases on GitHub. On Thursday, OpenAI announced what it’s calling the first “connector” for ChatGPT deep research, the company’s tool that searches across the web and other sources to compile thorough research reports on a topic. Now, ChatGPT deep research can link […]

GitHub Copilot introduces new limits, charges for ‘premium’ AI models

4 April 2025 at 17:52

GitHub Copilot, Microsoft-owned GitHub’s AI coding assistant, could soon become costlier for some users. On Friday, GitHub announced “premium requests” for GitHub Copilot, a new system that imposes rate limits when users switch to AI models other than the base model for tasks such as “agentic” coding and multi-file edits. While GitHub Copilot subscribers can […]