bug-bounty547
xss295
rce195
google178
exploit135
microsoft126
malware123
bragging-post120
facebook115
account-takeover113
cve105
open-source91
privilege-escalation87
csrf81
authentication-bypass75
stored-xss72
phishing69
access-control65
ai-agents63
writeup61
reflected-xss61
apple60
ssrf54
input-validation53
web-security53
reverse-engineering51
browser51
sql-injection49
cross-site-scripting48
dos47
smart-contract46
tool46
supply-chain45
defi45
ethereum45
privacy44
web-application43
cloudflare42
web341
lfi41
information-disclosure39
llm37
responsible-disclosure37
oauth36
ctf36
burp-suite35
api-security35
opinion35
vulnerability-disclosure34
automation34
0
7/10
StepSecurity discovered ForceMemo, an ongoing campaign compromising hundreds of GitHub accounts via the GlassWorm malware (distributed through malicious VS Code/Cursor extensions) to inject obfuscated, Solana blockchain-based C2 malware into Python repositories. Attackers use stolen GitHub credentials to force-push malicious code while preserving original commit metadata, affecting popular projects like Django and ML research repositories.
supply-chain-attack
github-compromise
account-takeover
force-push
malware-injection
python-packages
credential-theft
glassworm
obfuscation
malicious-commits
pypi-security
solana-blockchain
command-and-control
vs-code-extensions
cursor-extension
git-credentials
threat-intelligence
StepSecurity
ForceMemo
GlassWorm
GitHub
Python
PyPI
Django
Streamlit
Solana
Cursor
VS Code
amirasaran/django-restful-admin
BierOne
wecode-bootcamp-korea
HydroRoll-Team
0
2/10
technique
A creative exploration of using CSS text-transform, font manipulation via fontTools, and spelling/stylometric changes to obscure authorship and evade pattern-based detection—demonstrating how writing style can be obfuscated while preserving code blocks.
Will Keleher
Peter Norvig
fontTools
FontForge
Roboto