Gitpaste-12 is Active Again With New Exploits


Gitpaste-12 – the worm that spreads via GitHub and uses Pastebin and GitHub to host malicious payload – has returned this time with an expanded set of exploits. The worm was previously found exploiting 12 vulnerabilities, and now it has added over 30 vulnerability exploits to its arsenal.

Read More: Lessons learned from Public Key Infrastructure

The worm was first discovered in October, targeting IoT devices and Linux-based servers. The recent attacks use payloads hosted on a new GitHub repository, including a list of passwords for brute-force attacks,  a Linux-based cryptominer, and a statically linked Python 3.9 interpreter.

Read More: cyware