The GitVenom malware campaign primarily targets GitHub users, particularly gamers and crypto investors, by masquerading as open-source projects. The fake repositories contain malicious scripts that can download and execute further malicious components. The campaign, active for years with most infection attempts in Russia, Brazil, and Turkey, managed to compromise GitHub accounts, credentials, and crypto data, carrying out operations such as stealing cryptocurrency and installing backdoors for remote access. The financial loss is substantial: approximately 5 BTC, valued at around $485,000 at the time of discovery, affecting users' financial assets and GitHub's reputation as a trusted development platform.
"id": "git000030125",
"linkid": "github",
"type": "Cyber Attack",
"date": "2/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"