{"id":9572,"date":"2025-06-22T18:16:43","date_gmt":"2025-06-22T09:16:43","guid":{"rendered":"https:\/\/aireviewirush.com\/?p=9572"},"modified":"2025-06-22T18:16:43","modified_gmt":"2025-06-22T09:16:43","slug":"github-hit-by-a-classy-malware-marketing-campaign-as-banana-squad-mimics-fashionable-repos","status":"publish","type":"post","link":"https:\/\/aireviewirush.com\/?p=9572","title":{"rendered":"GitHub hit by a classy malware marketing campaign as \u2018Banana Squad\u2019 mimics fashionable repos"},"content":{"rendered":"<p> <br \/>\n<br \/><img decoding=\"async\" src=\"https:\/\/www.infoworld.com\/wp-content\/uploads\/2025\/06\/4010128-0-18673400-1750421532-shutterstock_2392299743.jpg?quality=50&amp;strip=all\" alt=\"\"><\/p>\n<div>\n<p>The repository names had been discovered to be similar to a number of different non-trojanized repositories, indicating some type of typo-squatting at play. Moreover, the \u201cAbout\u201d part of those repositories was filled with search key phrases associated to the unique repository\u2019s theme and sometimes included an emoji, normally a flame or a rocket ship, hinting at using AI.<\/p>\n<p>ReversingLabs shared an inventory of marketing campaign indicators, together with domains, URLs, and filenames, together with all 67 flagged repositories for builders to be careful for.<\/p>\n<p>\u201cFor builders counting on these open-source platforms (GitHub), it\u2019s important to all the time double-check that the repository you\u2019re utilizing truly accommodates what you anticipate,\u201d Simmons cautioned. \u201cNevertheless, one of the simplest ways to keep away from working into this menace is to check the specified repository to a earlier, recognized good model of the software program or supply code.\u201d<\/p>\n<\/div>\n\n","protected":false},"excerpt":{"rendered":"<p>The repository names had been discovered to be similar to a number of different non-trojanized repositories, indicating some type of typo-squatting at play. Moreover, the \u201cAbout\u201d part of those repositories was filled with search key phrases associated to the unique repository\u2019s theme and sometimes included an emoji, normally a flame or a rocket ship, hinting [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":9574,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[20],"tags":[],"class_list":["post-9572","post","type-post","status-publish","format-standard","has-post-thumbnail","category-cloud-computing"],"_links":{"self":[{"href":"https:\/\/aireviewirush.com\/index.php?rest_route=\/wp\/v2\/posts\/9572","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/aireviewirush.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/aireviewirush.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/aireviewirush.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/aireviewirush.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=9572"}],"version-history":[{"count":1,"href":"https:\/\/aireviewirush.com\/index.php?rest_route=\/wp\/v2\/posts\/9572\/revisions"}],"predecessor-version":[{"id":9573,"href":"https:\/\/aireviewirush.com\/index.php?rest_route=\/wp\/v2\/posts\/9572\/revisions\/9573"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/aireviewirush.com\/index.php?rest_route=\/wp\/v2\/media\/9574"}],"wp:attachment":[{"href":"https:\/\/aireviewirush.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=9572"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/aireviewirush.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=9572"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/aireviewirush.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=9572"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}