ZDNet

GitHub warns Java developers of new malware poisoning NetBeans projects

GitHub has issued a security alert on Thursday warning about a new malware strain that's been spreading on its site via boobytrapped Java projects. The malware, which GitHub's security team has named ...
Bleeping Computer

New Octopus Scanner malware spreads via GitHub supply chain attack

• Identify user's NetBeans directory • Enumerate all projects in the NetBeans directory • Copy malicious payload cache.dat to nbproject/cache.dat • Modify the nbproject/build-impl.xml file to make ...