Water Curse Hijacks 76 GitHub Accounts to Deliver Multi-Stage Malware Campaign

How to use Gists on GitHub

You already know GitHub as the go-to platform for big projects, but what about those small code snippets you want to share quickly? You may not necessarily want to create a repository for that, and that’s where GitHub Gists come in. Gists are just GitHub’s lightweight repository, perfect for sharing single files, code snippets, or even notes without setting up a full repository. If you’re a developer who wants to share a quick fix or have a disc…

Water Curse Hijacks 76 GitHub Accounts to Deliver Multi-Stage Malware Campaign

研究人员发现了一个名为Water Curse的新威胁行为者，其利用GitHub仓库分发多阶段恶意软件以窃取数据、实现远程访问并长期潜伏于系统中。该组织通过反调试技术、权限提升和持久化机制维持对目标系统的控制，并以供应链为目标，借助开发者工具模糊红队工具与恶意软件分发的界限。其攻击活动还滥用合法平台如GitHub作为恶意软件传播渠道，并结合多种工具和技术实施攻击。

Water Curse Employs 76 GitHub Accounts to Deliver Multi-Stage Malware Campaign

Cybersecurity researchers have exposed a previously unknown threat actor known as Water Curse that relies on weaponized GitHub repositories to deliver multi-stage malware. "The malware enables data exfiltration (including credentials, browser data, and session tokens), remote access, and long-term persistence on infected systems," Trend Micro researchers Jovit Samaniego, Aira Marcelo, Mohamed