DIRECTORY

  • Alerts
  • APTs
  • Blog
  • Books
  • Certifications
  • Cheat Sheets
  • Courses
  • Cyber Briefing
  • CyberDecoded
  • CyberReview
  • CyberStory
  • CyberTips
  • Definitions
  • Domains
  • Entertainment
  • FAQ
  • Frameworks
  • Hardware Tools
  • Incidents
  • Malware
  • News
  • Papers
  • Podcasts
  • Quotes
  • Reports
  • Tools
  • Threats
  • Tutorials
No Result
View All Result
  • Login
  • Register
  • Cyber Citizens
  • Cyber Professionals
  • Institutions
CyberMaterial
Talk To An Expert
  • Cyber Citizens
  • Cyber Professionals
  • Institutions
CyberMaterial
No Result
View All Result
Talk To An Expert
CyberMaterial
Home Alerts

GitHub Vulnerability Exposes Repositories

September 13, 2023
Reading Time: 2 mins read
in Alerts

A critical vulnerability discovered in GitHub has raised concerns about the exposure of thousands of repositories to repojacking attacks. Checkmarx security researcher Elad Rapoport identified this flaw, which could be exploited by attackers to manipulate GitHub’s repository creation and username renaming processes.

Successful exploitation of the vulnerability posed a significant risk to the open-source community, potentially enabling attackers to hijack over 4,000 code packages across various languages like Go, PHP, and Swift, including GitHub actions. GitHub, owned by Microsoft, promptly addressed the issue after responsible disclosure in March 2023, implementing fixes by September 2023.

Repojacking, a shortened term for repository hijacking, involves threat actors bypassing a security mechanism known as “popular repository namespace retirement” to gain control over repositories.

This protective measure typically prevents users from creating a repository with the same name as one that has over 100 clones when the account owner’s username is changed, effectively retiring the username-repository combination.

However, if attackers can easily circumvent this safeguard, they can create new accounts with the same username and upload malicious repositories, potentially leading to software supply chain attacks.

Checkmarx’s new method for repojacking exploits a race condition between the creation of a repository and the renaming of a username. This involves a series of steps, starting with a victim owning a namespace (“victim_user/repo”), renaming the username to “renamed_user,” which then retires the “victim_user/repo” repository.

Simultaneously, an attacker with the username “attacker_user” creates a repository called “repo” and renames their username to “victim_user.” This process employs API requests for repository creation and renamed requests for the username change. This discovery highlights ongoing challenges in securing popular repository namespaces, underscoring the need for robust safeguards in code hosting platforms.

Source:
  • A NEW REPOJACKING ATTACK EXPOSED OVER 4,000 GITHUB REPOSITORIES TO HACK
  • Critical GitHub Vulnerability Exposes 4,000+ Repositories to Repojacking Attack
  • Persistent Threat: New Exploit Puts Thousands of GitHub Repositories and Millions of Users at Risk
Tags: AlertsAlerts 2023CyberattackCybersecurityElad RapoportGithubGitHub repositoriesRepojackingSeptember 2023Vulnerabilities
54
VIEWS
ADVERTISEMENT

Related Posts

Critical WordPress Plugin Flaws

Critical WordPress Plugin Flaws

September 29, 2023
Cisco Warns of Critical SD-WAN Flaw

Cisco Warns of Critical SD-WAN Flaw

September 29, 2023
Malicious Packages on npm and PyPI

Malicious Packages on npm and PyPI

September 29, 2023
Critical WordPress Plugin Flaws

Critical SharePoint Vulnerabilities Revealed

September 29, 2023

More Articles

Incidents

IT Services Provider Hit by Donut Gang

September 22, 2023
Alerts

Chinese-Language Phishing Campaigns

September 20, 2023
Cyber Briefing

September 22, 2023 – Cyber Briefing

September 22, 2023
Cyber Briefing

September 21, 2023 – Cyber Briefing

September 21, 2023

Security through data

Cybersecurity Domains

  • API Security
  • Business Continuity
  • Career Development
  • Compliance
  • Cryptography
  • HSM
  • KPIs / KRIs
  • Penetration Testing
  • Shift Left
  • Vulnerability Scan

Emerging Technologies

  • 5G
  • Artificial Intelligence
  • Blockchain
  • Cryptocurrency
  • Deepfake
  • E-Commerce
  • Healthcare
  • IoT
  • Quantum Computing

Frameworks

  • CIS Controls
  • CCPA
  • GDPR
  • NIST
  • 23 NYCRR 500
  • HIPAA

Repository

  • Books
  • Certifications
  • Definitions
  • Documents
  • Entertainment
  • Quotes
  • Reports

Threats

  • APTs
  • DDoS
  • Insider Threat
  • Malware
  • Phishing
  • Ransomware
  • Social Engineering

© 2023 | CyberMaterial | All rights reserved.

World’s #1 Cybersecurity Repository

  • About
  • Legal and Privacy Policy
  • Site Map
No Result
View All Result
  • Alerts
  • Incidents
  • News
  • Audience
    • Cyber Citizens
    • Cyber Professionals
    • Institutions
  • Highlights
    • Blog
    • CyberDecoded
    • Cyber Review
    • CyberStory
    • CyberTips
  • Cyber Risks
    • Alerts
    • Attackers
    • Domains
    • Incidents
    • Threats
  • Opportunities
    • Events
    • Jobs
  • Repository
    • Books
    • Certifications
    • Cheat Sheets
    • Courses
    • Definitions
    • Frameworks
    • Games
    • Hardware Tools
    • Memes
    • Movies
    • Papers
    • Podcasts
    • Quotes
    • Reports
    • Tutorials
  • Report Cyber Incident
  • GET HELP
  • Contact Us

Subscribe to our newsletter

© 2022 Cybermaterial - Security Through Data .

Welcome Back!

Sign In with Google
Sign In with Linked In
OR

Forgotten Password? Sign Up

Create New Account!

Sign Up with Google
Sign Up with Linked In
OR

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.