Hackers Leveraging GitHub Platform for Hosting Malware

Researchers used GitHub Gists to host malware and sent malicious commands through the platform’s commit messages, according to threat research team ReversingLabs. Hackers disguised malicious code as libraries for network proxying. To avoid detection, they encoded the harmful URLs using Base64. The researchers encouraged developers and security teams to deploy sophisticated tools that use detailed binary analysis to ensure robust software supply chain security.