#github
7 articles
Between 21 April and 13 July 2026, ZCyberNews published eight articles under the GitHub tag, covering seven high-severity incidents and one critical event. The top threat actor observed was Lazarus Group. Key vulnerabilities included CVE-2026-45033 with a CVSS score of 9.8 and CVE-2026-3854 with a CVSS score of 8.7. Affected sectors spanned software development, technology, cryptocurrency, enterprise software, and government, with impacts reported globally, particularly in North America and the United States.
HIGHCISA Postmortem Reveals GitHub Credential Leak Lasted Six Months
CISA's postmortem on a GitHub leak exposing 844 MB of internal data, including AWS GovCloud keys, reveals the agency ignored nine automated alerts and took 48 hours to rotate...
HIGHGrafana GitHub Token Breach Lets Attacker Download Full Codebase
An attacker used a compromised GitHub token to download Grafana's entire private codebase. The company says no customer data was accessed and the incident involved an extortion...
CRITICALGitHub Copilot CLI Flaw CVE-2026-45033 Enables RCE via Malicious Repos
CVE-2026-45033 (CVSS 9.8) in GitHub Copilot CLI before 1.0.43 lets attackers achieve remote code execution by embedding a malicious bare git repository in a project directory.
HIGHSailPoint Discloses GitHub Repo Breach via Third-Party App
SailPoint reported to the SEC that attackers accessed a subset of its GitHub repositories on April 20 via a third-party app vulnerability.
HIGHGitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push
CVE-2026-3854 (CVSS 8.7) lets authenticated users with push access achieve remote code execution on GitHub.com and GitHub Enterprise Server via a crafted git push command.
HIGHNorth Korean Fake Job Scams Spread Malware via 'Contagious Interview'
North Korean operatives use a 'contagious interview' tactic, where a compromised developer's GitHub repo spreads RATs to other job seekers.
HIGHGitHub Issue Notifications Hijacked for Developer Phishing via OAuth Apps
Threat actors are using GitHub's trusted notification system to phish developers, pushing malicious OAuth apps that steal account data and hijack repositories. The campaign exploits the platform's own infrastructure to bypass traditional email security.
Stay Updated
Get the latest cybersecurity news delivered to your inbox.