Mallory

GitHub Repository Hijacks Used to Distribute Malware to Developers

Tags: vendor-distribution-compromise, dependency-confusion-typosquat, build-pipeline-compromise, credential-stealer-activity, persistence-method
Updated March 21, 2026 at 05:49 AM. 2 sources


Researchers reported active software supply chain attacks in which legitimate GitHub accounts and repositories were compromised and then used to distribute malware to developers. In one case, the verified dev-protocol GitHub organization was hijacked and repurposed to host polished Polymarket trading-bot repositories that secretly pulled typosquatted npm dependencies. Running the project exfiltrated the contents of .env files, including wallet private keys, to attacker-controlled infrastructure, performed host fingerprinting, and modified firewall settings to expose SSH access; victims were advised to rotate wallet and API secrets and inspect ~/.ssh/authorized_keys for persistence.
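The authorized_keys inspection recommended above, as an added example that is not from the cited reports: it parses each entry (including ones prefixed with options such as `from="..."`), computes the OpenSSH-style SHA256 fingerprint, and reports any key whose fingerprint is not on a trusted allowlist. The sample file and its key blobs are constructed; real allowlist values come from `ssh-keygen -lf` on keys you issued.

```python
# Added example, not from the reports above: audit an authorized_keys file
# against fingerprints you already trust (as printed by `ssh-keygen -lf`).
# Entries with an unknown fingerprint are the persistence candidates.
import base64
import hashlib
import shlex

KEY_TYPE_PREFIXES = ("ssh-", "ecdsa-", "sk-")  # first token of the key proper

def fingerprint(blob_b64: str) -> str:
    # OpenSSH-style SHA256 fingerprint: base64 of the digest, padding stripped
    digest = hashlib.sha256(base64.b64decode(blob_b64, validate=True)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def audit_authorized_keys(text: str, allowed: set[str]) -> list[dict]:
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        tokens = shlex.split(line)  # keeps quoted option values such as from="..." intact
        idx = next((i for i, t in enumerate(tokens) if t.startswith(KEY_TYPE_PREFIXES)), None)
        if idx is None or idx + 1 >= len(tokens):
            findings.append({"line": lineno, "reason": "unparseable entry", "entry": line})
            continue
        try:
            fp = fingerprint(tokens[idx + 1])
        except ValueError:  # binascii.Error is a ValueError subclass
            findings.append({"line": lineno, "reason": "undecodable key blob", "entry": line})
            continue
        if fp not in allowed:
            findings.append({"line": lineno, "reason": "unknown key", "fingerprint": fp,
                             "options": tokens[:idx], "comment": " ".join(tokens[idx + 2:])})
    return findings

# Constructed sample: the blobs are arbitrary bytes, not real public keys.
_known_blob = base64.b64encode(b"constructed-known-key").decode()
_planted_blob = base64.b64encode(b"constructed-planted-key").decode()
SAMPLE_AUTHORIZED_KEYS = "\n".join([
    "# managed by config management",
    f"ssh-ed25519 {_known_blob} alice@laptop",
    f'from="203.0.113.5" ssh-rsa {_planted_blob} backup',
    "ssh-ed25519 not-base64!",
    "ssh-rsa",
])
KNOWN_FINGERPRINTS = {fingerprint(_known_blob)}
```

Run it against the real file with `audit_authorized_keys(open(path).read(), known)`; anything reported as an unknown key should be traced to an owner or removed, and the comment field alone is never evidence of legitimacy.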

A separate but related GitHub-focused campaign, dubbed ForceMemo, involved takeover of developer accounts and force-pushes to hundreds of Python repositories so that malicious code was appended to files such as setup.py, main.py, and app.py while preserving original commit metadata. Anyone installing directly from those repos could trigger the payload, and the activity affected projects ranging from Django applications to ML and Streamlit code. A report on malicious npm packages posing as a Roblox Solara executor was excluded because it describes a different npm ecosystem campaign centered on Cipher stealer, not the GitHub account and repository hijacks used in the other incidents.

Timeline

  1. Mar 15, 2026

    StepSecurity analyzes malicious Polymarket bot in sandbox

    StepSecurity published technical findings on the dev-protocol-hosted Polymarket bot, confirming in a monitored GitHub Actions sandbox that typosquatted npm packages exfiltrated data to Vercel-hosted infrastructure, collected IP data, and modified firewall and SSH settings. The report also noted attackers deleted GitHub warning issues to suppress disclosure.

  2. Mar 15, 2026

    Hijacked dev-protocol GitHub org hosts malicious Polymarket bot repos

    Attackers hijacked the verified GitHub organization dev-protocol and used it to publish more than 20 scam Polymarket trading bot repositories. The repos were made to appear credible with bot-driven stars and forks and included malware that stole wallet keys, sensitive files, and enabled SSH access on victim systems.

  3. Mar 14, 2026

    StepSecurity discloses ForceMemo campaign and publishes IOCs

    StepSecurity publicly reported the ForceMemo campaign, describing how attackers preserved original commit metadata while changing committer dates to hide malicious force-pushes. The report also detailed the obfuscated Python malware's use of Solana transaction memos for command-and-control and said maintainers of notable affected repositories had been notified.

  4. Mar 8, 2026

    ForceMemo campaign begins compromising GitHub Python repositories

    Attackers began an ongoing supply-chain campaign later dubbed ForceMemo, taking over GitHub accounts and force-pushing malicious commits into Python repositories. StepSecurity said the activity started as early as 2026-03-08 and affected repositories spanning Django, Flask, Streamlit, machine learning code, and Python packages.
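A triage check for the ForceMemo pattern described in the summary and the timeline entries above, as an added example that is not StepSecurity's tooling: it parses a custom `git log` format, flags commits whose committer date or committer identity diverges from the author data, notes when such commits touch the files the campaign appended code to, and checks whether a previously recorded branch head has vanished from history (the trace a force-push leaves). The sample history and its hashes are constructed.

```python
# Added triage script, not StepSecurity's tooling. Input is the output of:
#   git log --format='%H%x1f%an%x1f%ae%x1f%at%x1f%cn%x1f%ce%x1f%ct' --name-only
# Legitimate rebases and cherry-picks also trip these checks: review, don't convict.
import os

US = "\x1f"  # unit separator emitted by %x1f in the format above
WATCHED_FILES = ("setup.py", "main.py", "app.py")  # files named in the reports

def parse_log(text: str) -> list[dict]:
    commits = []  # each header line starts a record; following file lines attach to it
    for line in text.splitlines():
        if US in line:
            h, an, ae, at, cn, ce, ct = line.split(US)
            commits.append({"hash": h, "author": f"{an} <{ae}>", "author_time": int(at),
                            "committer": f"{cn} <{ce}>", "commit_time": int(ct), "files": []})
        elif line.strip() and commits:
            commits[-1]["files"].append(line.strip())
    return commits

def audit_history(text: str, max_skew_days: float = 1.0) -> list[dict]:
    findings = []
    for c in parse_log(text):
        reasons = []
        skew_days = abs(c["commit_time"] - c["author_time"]) / 86400
        if skew_days > max_skew_days:
            reasons.append(f"committer date is {skew_days:.0f} days from author date")
        if c["author"] != c["committer"]:
            reasons.append("committer identity differs from author")
        hits = [f for f in c["files"] if os.path.basename(f) in WATCHED_FILES]
        if reasons and hits:  # touching these files is routine; with anomalies it escalates
            reasons.append("touches " + ", ".join(hits))
        if reasons:
            findings.append({"hash": c["hash"], "reasons": reasons})
    return findings

def history_rewritten(text: str, recorded_head: str) -> bool:
    # A previously recorded branch head missing from the current history is
    # exactly what a force-push over it leaves behind.
    return recorded_head not in {c["hash"] for c in parse_log(text)}

def _rec(h, an, ae, at, cn, ce, ct, *files):  # one constructed log record
    return US.join([h, an, ae, str(at), cn, ce, str(ct)]) + "\n\n" + "\n".join(files) + "\n\n"

# Constructed sample history with fake hashes, newest first as git prints it.
SAMPLE_LOG = "".join([
    _rec("c" * 40, "bob", "bob@example.com", 1773450000, "ci", "ci@example.com", 1773450000, "app.py"),
    _rec("b" * 40, "alice", "alice@example.com", 1741400000, "alice", "alice@example.com", 1773400000, "setup.py"),
    _rec("a" * 40, "alice", "alice@example.com", 1741300000, "alice", "alice@example.com", 1741300000, "README.md"),
])
```

Feed it the real log text with `audit_history(subprocess.check_output([...]).decode())` and keep the branch head you last reviewed so `history_rewritten` can tell you when the history under you has changed.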


Related Stories

Software Supply-Chain Attacks Abusing GitHub and npm Dependency Mechanisms

Security researchers reported two distinct software supply-chain abuse paths that can make malicious code appear to originate from trusted sources. GMO Cybersecurity by Ierae described an active campaign dubbed **“repo squatting”** that abuses how GitHub renders and links commits from forks: a commit made in an attacker-controlled fork can be viewed under the upstream project’s URL structure, enabling convincing links like `github.com/<official-org>/<repo>/commit/<hash>` that appear to belong to the official repository. The campaign targeted the *GitHub Desktop* project by distributing a trojanized installer carrying **HijackLoader**, with the malicious download link presented in a way that could mislead users and some security tooling into believing it came from the official repo. Separately, Koi researchers disclosed **PackageGate** weaknesses in JavaScript dependency tooling that allow bypassing npm’s post–**Shai-Hulud** mitigations when installing **Git-based dependencies**. They reported that a malicious `.npmrc` in a Git dependency can override the `git` binary path, enabling **code execution even when lifecycle scripts are disabled** (e.g., `--ignore-scripts=true`), affecting multiple tools (including *pnpm*, *vlt*, *Bun*, and *npm*). Vendors reportedly addressed the issue in the non-npm tools, while npm closed the report as “works as expected,” and researchers cited evidence of prior proof-of-concept abuse (e.g., reverse shell) indicating practical exploitation risk for organizations relying on Git dependencies in CI/CD and developer environments.

1 month ago

Malware Campaigns Targeting Developers via npm and GitHub Repositories

A new wave of supply chain attacks has targeted developers through malicious npm packages and GitHub repositories, with attackers leveraging both automated worms and sophisticated social engineering. The npm registry was compromised by a self-replicating worm known as "Sha1-Hulud: The Second Coming," which infected over 800 packages and 27,000 GitHub repositories. The malware aimed to steal sensitive data such as API keys, cloud credentials, and authentication tokens, and it backdoored npm packages to execute malicious payloads during installation. Attackers also abused GitHub Actions workflows for command-and-control and data exfiltration, with a notable shift to using the Bun runtime for improved stealth and evasion of Node.js-focused defenses. In a related attack vector, threat actors used fake job interviews to lure developers into cloning and running seemingly benign Next.js projects from private GitHub repositories. The malicious code was hidden in the `next.config.js` file, which executed on the developer's machine during project setup, bypassing traditional dependency-based detection. This "Living off the Land" technique enabled the theft of credentials, including those for LastPass and cryptocurrency wallets, by exploiting trusted development workflows. Both incidents highlight the growing risk of supply chain attacks targeting developers through trusted tools and social engineering tactics.

1 month ago

Fake GitHub Repositories Deliver Lua-Based Malware to Developers

Security researchers reported a **FakeGit** campaign using counterfeit GitHub repositories to trick developers into downloading trojanized tools, with Magento developers among the primary targets. The repositories copied code, commit history, and project structure from legitimate open-source deployment, Docker, and configuration projects so that authentic contributor names appeared alongside the fake repos, increasing credibility. Victims were directed to download ZIP archives that contained a LuaJIT runtime, a batch launcher, and obfuscated Lua payloads that installed Windows malware, including a remote access trojan and keylogger; Sansec also published malicious GitHub accounts, repository names, and SHA1 hashes tied to the operation. A related lure expanded the campaign beyond Magento by impersonating a security automation project named **`n8n-CyberSecurity-Workflows`**, targeting red team, blue team, and AppSec users with GitHub stars, an MIT license, and a README download button. Analysis of the downloaded archive found a Lua-based trojan loader using DLL sideloading through a renamed Lua 5.1 interpreter to execute obfuscated bytecode, with VirusTotal detections labeling the payload as **`trojan.fakegit/runner`**. The malware was also observed contacting a Polygon blockchain RPC endpoint, behavior researchers said aligns with crypto-clipper or wallet-drainer activity, indicating the FakeGit operation is using trusted developer platforms to distribute credential theft and broader financially motivated malware.

1 week ago
