Github's Hilariously Simple Malware Exploit

Channel:
Australia Brodie Robertson
Subscribers:
74,600
Published on ● Video Link: https://www.youtube.com/watch?v=nsm7tiyA3TA


Duration: 11:05
29,842 views
1,776

What if there was a way to inject files into an otherwise completely safe project, well it turns out there was an exploit in the way that Github was handling adding files to it's CDN

==========Support The Channel==========
โ–บ Patreon: https://brodierobertson.xyz/patreon
โ–บ Paypal: https://brodierobertson.xyz/paypal
โ–บ Liberapay: https://brodierobertson.xyz/liberapay
โ–บ Amazon USA: https://brodierobertson.xyz/amazonusa

==========Resources==========
Bleeping Computer Post: https://www.bleepingcomputer.com/news/security/github-comments-abused-to-push-malware-via-microsoft-repo-urls/
McAfee Post: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/redline-stealer-a-novel-approach/
OpenAnalysis Report: https://research.openanalysis.net/github/lua/2024/03/03/lua-malware.html

=========Video Platforms==========
๐ŸŽฅ Odysee: https://brodierobertson.xyz/odysee
๐ŸŽฅ Podcast: https://techovertea.xyz/youtube
๐ŸŽฎ Gaming: https://brodierobertson.xyz/gaming

==========Social Media==========
๐ŸŽค Discord: https://brodierobertson.xyz/discord
๐Ÿฆ Twitter: https://brodierobertson.xyz/twitter
๐ŸŒ Mastodon: https://brodierobertson.xyz/mastodon
๐Ÿ–ฅ๏ธ GitHub: https://brodierobertson.xyz/github

==========Credits==========
๐ŸŽจ Channel Art:
Profile Picture:
https://www.instagram.com/supercozman_draws/

#Github #Linux #OpenSource #FOSS #itlab

๐ŸŽต Ending music
Track: Debris & Jonth - Game Time [NCS Release]
Music provided by NoCopyrightSounds.
Watch: https://www.youtube.com/watch?v=yDTvvOTie0w
Free Download / Stream: http://ncs.io/GameTime

DISCLOSURE: Wherever possible I use referral links, which means if you click one of the links in this video or description and make a purchase I may receive a small commission or other compensation.



Other Videos By Brodie Robertson


2024-05-05Microsoft Open Sources Another Operating System
2024-05-04Canonical's Mir Still Lives On The Desktop In 2024
2024-05-02Did Hyprland Ship A Major Plugin Vulnerability?
2024-05-01Neofetch Is Officially Abandoned... What Now?
2024-04-30GNOME Foundation Funding Situation Is...
2024-04-296 Linux Terminal Mistakes Everyone Should Avoid
2024-04-28Wayland's First Protocol Without Pointless Drama
2024-04-27Did Nvidia Just Officially Support Nouveau?!?
2024-04-25Kernel Panic Messages Are Completely Broken
2024-04-24Intel ARC Battlemage Hasn't Been Cancelled... Yet
2024-04-23Github's Hilariously Simple Malware Exploit
2024-04-22Long Ago GNOME Was A GNU Project!?!?
2024-04-21Every Linux Distro Must Learn From XZ Backdoor
2024-04-20Every Modern CPU Is Still Fundamentally Broken
2024-04-18SQLite Has The Greatest Code of Conduct
2024-04-17Linux Users Can Never Stop Winning
2024-04-16This ZSH Plugin Manager Is Really SUS
2024-04-15Reproducible Builds: Final Step In FOSS Validation
2024-04-14Linux Is A Castle Built On A Mountain Of Sand
2024-04-135 Reasons KDE Plasma Is Actually Awesome
2024-04-11Every Linux Distro Should Set This One Value!!


Tags:
brodie robertson
linux
brodie robertson linux
arch linux
github
gitlab
brodie robertson arch linux
foss
the linux experiment
distrotube
chris titus tech
linux news
github vs gitlab
gitlab vs github
linux desktop
cve
github repo
github security
github cve
github malware
github pull request
github issue
pull request
merge request
gitlab merge request
linux tutorial
github tutorial