Lunch Time Nibbles - 2022-08-03

Welcome to another Lunch Time breakout:

35,000 code repos not hacked—but clones flood GitHub to serve malware
Thousands of GitHub repositories were forked (cloned) and altered to include malware, a software engineer discovered. [...]
Read more....

Researchers Warns of Large-Scale AiTM Attacks Targeting Enterprise Users
A new, large-scale phishing campaign has been observed using adversary-in-the-middle (AitM) techniques to get around security protections and compromise enterprise email accounts. "It uses an adversary-in-the-middle (AitM) attack technique capable of bypassing multi-factor authentication," Zscaler researchers Sudeep Singh and Jagadeeswar Ramanukolanu said in a Tuesday report. "The campaign is
Read more....

VMware Releases Patches for Several New Flaws Affecting Multiple Products
Virtualization services provider VMware on Tuesday shipped updates to address 10 security flaws affecting multiple products that could be abused by unauthenticated attackers to perform malicious actions. The issues, tracked from CVE-2022-31656 through CVE-2022-31665 (CVSS scores: 4.7 - 9.8), impact VMware Workspace ONE Access, Workspace ONE Access Connector, Identity Manager, Identity Manager
Read more....

Thousands of Solana wallets drained in attack using unknown exploit
An overnight attack on the Solana blockchain platform drained thousands of software wallets of cryptocurrency worth millions of U.S. dollars. [...]
Read more....