Home / Cybersecurity / GitHub Malicious Repositories: 10,000 Trojan Clones Evade Detection for Over…
GitHub Malicious Repositories: 10,000 Trojan Clones Evade Detection for Over a Year
techtimes.com Jun 19, 2026

GitHub Malicious Repositories: 10,000 Trojan Clones Evade Detection for Over a Year

Curated by · TechCapsules ·

AI-summarised brief · reviewed before publication

A security researcher has discovered that approximately 10,000 GitHub repositories have been distributing Trojan malware to developers for over a year without being flagged or removed by the platform's automated security systems. The malicious repositories were created by cloning legitimate projects and adding a link to a downloadable ZIP archive containing a Trojan payload. The attackers exploited GitHub's trust signals and anomaly-detection architecture, making it difficult for automated systems to detect the long-running threats. The researcher released an open-source detection tool and a list of the affected repositories after GitHub's security team failed to respond to prior disclosures.

💡 Why It Matters

  • · The widespread evasion of GitHub's security systems highlights a critical vulnerability in the platform's architecture, allowing malicious actors to quietly distribute malware to developers for extended periods.
  • · This structural gap underscores the need for more robust anomaly-detection mechanisms to prevent similar campaigns in the future.
Capsules Cybersecurity Microsoft
Read full article on techtimes.com
More in Cybersecurity →
e2e-assure introduces Cumulo, the U.K.’s only sovereign, AI-driven, zero-day SOC platform to secure IT and OT environments
artificialintelligence-news.com · Jun 19

e2e-assure introduces Cumulo, the U.K.’s only sovereign, AI-driven, zero-day SOC platform to…

e2e-assure has launched Cumulo, a sovereign, AI-driven, zero-day SOC platform in the U.K. The platform uses digital twin technology and customer-dedicated AI models to identify threats and vulnerabilities before incidents occur. Cumulo is designed to counter AI-driven threats and answers the recent call by GCHQ Director Anne Keast-Butler for a national cyber defence capability with cutting-edge agentic AI. The platform combines predictive modelling with sovereign local AI models and expert human oversight for millisecond detection of known and emerging indicators of compromise.

💡 The launch of Cumulo highlights the growing need for sovereign security solutions that can operate independently of external cloud AI services. By keeping defensive AI capabilities local, organisations can ensure their ability to defend remains intact during a crisis, particularly in regulated or high-dependence environments.

Cybersecurity Veterans Warn US Anthropic AI Ban Could Backfire in 2026
memeburn.com · Jun 19

Cybersecurity Veterans Warn US Anthropic AI Ban Could Backfire in 2026

The US government has ordered Anthropic to restrict foreign access to its powerful AI models, Fable 5 and Mythos 5, citing national security concerns. Over 50 cybersecurity leaders have urged the government to lift the restrictions, warning that this could make the internet less safe. The ban could slow defensive cyber work, as security teams rely on advanced AI to scan code and spot suspicious patterns. Anthropic has suspended access to the models worldwide due to the difficulty of separating users by nationality. This decision has created a messy outcome, affecting global access to AI tools. The cybersecurity leaders argue that hackers will still find ways to access strong tools, while defenders will be left behind.

💡 Restricting access to powerful AI models shifts the balance in favor of attackers, who can still obtain strong tools through other means. Legitimate researchers are left without useful tools to defend against cyber threats.

A12 & A13 Apple devices face an unpatchable SecureROM vulnerability
appleinsider.com · Jun 19

A12 & A13 Apple devices face an unpatchable SecureROM vulnerability

Security researchers have disclosed an unpatchable SecureROM exploit, called usbliter8, for Apple's A12 and A13 chips. The vulnerability affects devices such as iPhones, iPads, and Apple Watches, allowing researchers to gain control before iOS starts loading. The exploit targets a flaw in Apple's USB boot process and cannot be fixed through software updates. Devices affected include the iPhone XS, iPhone 11 lineup, and several iPad and Apple Watch models. The vulnerability exists in the SecureROM, the first code that runs when an iPhone starts up.

💡 This exploit highlights the persistence of security vulnerabilities in Apple's SecureROM, which cannot be updated after manufacturing. The usbliter8 exploit demonstrates that even the earliest stages of Apple's boot process can be compromised, making it a significant concern for device security.

Living Security Launches 2026 Cybersecurity Awareness Month Program to Help Organizations Navigate Trust in an AI World
finanznachrichten.de · Jun 19

Living Security Launches 2026 Cybersecurity Awareness Month Program to Help Organizations Navigate…

Living Security has launched its 2026 Cybersecurity Awareness Month program to help organizations navigate trust in an AI world. The program provides a complete campaign package with expert-led learning, interactive experiences, and ready-to-launch resources. It aims to help employees recognize AI-enabled deception, strengthen verification behaviors, and reduce human risk. The program includes a live virtual kickoff event, weekly awareness content, and a campaign planning toolkit. Organizations can launch the program in days, simplifying planning and execution. The program is significant as it addresses the growing concern of AI-accelerated cyber threats and the need for effective employee engagement.

💡 By targeting the 10% of employees who account for 73% of organizational human risk, the program can significantly reduce an organization's vulnerability to cyber threats. Effective employee engagement through this program can strengthen trust and verification skills.

USB worm spreads crypto-stealing malware via Windows shortcut files
bleepingcomputer.com · Jun 19

USB worm spreads crypto-stealing malware via Windows shortcut files

A USB worm is spreading crypto-stealing malware via Windows shortcut files, targeting cryptocurrency wallets since at least February. The malware monitors clipboard contents, replacing wallet addresses with ones controlled by the attacker, and captures screenshots. Infection occurs when a victim opens a malicious LNK file on a USB drive, triggering the malware to execute and spread to other connected devices. The malware uses the Tor network to conceal communication and can capture seed phrases and private keys. Microsoft has identified the infection process and provided indicators of compromise.

💡 Crypto theft can be particularly devastating due to the irreversible nature of transactions. Malware that can stealthily replace wallet addresses poses a significant threat to individual investors and the broader cryptocurrency market.

SECURE Data Act offers ‘clear, enforceable’ privacy rules, without the big money lawsuits
blackchronicle.com · Jun 18

SECURE Data Act offers ‘clear, enforceable’ privacy rules, without the big money…

Republicans in Congress have proposed the SECURE Data Act, a law that aims to establish national standards for protecting privacy rights. The legislation seeks to end the growing number of lawsuits targeting U.S. companies, often with no proof of harm. The proposed law, dubbed the "Safeguarding and Enhancing Cybersecurity and Understanding Rights of Every Data Subject Act," aims to address a "patchwork" of state privacy protection laws that have generated billions of dollars for trial lawyers. The SECURE Data Act would provide clear, enforceable rules for companies to follow, reducing uncertainty and risk for American tech companies.

💡 The SECURE Data Act could be a game-changer for American businesses, shielding them from costly lawsuits that often lack merit. By establishing national standards, the legislation would prevent trial lawyers from exploiting loopholes in state laws, allowing companies to focus on innovation rather than litigation.