Threat actors could exploit the port forwarding feature in GitHub Codespaces, a cloud-based configurable development environment, to facilitate malware delivery, according to The Hacker News.
The feature, which lets users forward ports manually, label and share them, and add forwarded ports to a codespace configuration, could be leveraged to create a malicious file server within a GitHub account, a Trend Micro report found.
Attackers could create a codespace, download the malware from an attacker-controlled domain, and make the forwarded port public in order to host and deploy malicious payloads, according to researchers. Such payloads are also unlikely to be flagged by security solutions.
The findings indicate the potential weaponization of cloud platform features for malicious activities.
"Cloud services offer advantages to legitimate users and attackers alike. The features offered to legitimate subscribers also become available to threat actors as they take advantage of the resources provided by the [cloud service provider]," said researchers.
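One way a defender could look for the delivery pattern described above in web proxy logs, as an added example that is not code from Trend Micro, The Hacker News or GitHub. The forwarded-port hostname pattern, the log layout, the allowlist of developer workstations and all sample values are assumptions made for this sketch.

```python
import re
import shlex
from urllib.parse import urlsplit

# Assumption (not stated on the page): forwarded ports are served from hosts shaped
# like <codespace>-<port>.app.github.dev or <codespace>-<port>.preview.app.github.dev
FORWARD_HOST = re.compile(
    r"^(?P<codespace>[a-z0-9-]+)-(?P<port>\d{2,5})\.(?:preview\.)?app\.github\.dev$")
PAYLOAD_EXT = (".exe", ".dll", ".msi", ".ps1", ".bat", ".vbs", ".hta", ".sh", ".iso", ".zip")
SCRIPTED_UA = ("curl", "wget", "powershell", "python-requests", "certutil")

# Constructed sample lines: timestamp client method url status bytes "user-agent"
SAMPLE_LOG = '''\
2024-01-01T09:12:01Z 10.0.4.21 GET https://fuzzy-space-lamp-abc123-8080.preview.app.github.dev/update.exe 200 48211 "curl/7.85.0"
2024-01-01T09:13:40Z 10.0.7.5 GET https://fuzzy-dev-box-xyz789-3000.app.github.dev/index.html 200 1204 "Mozilla/5.0 (X11; Linux x86_64)"
2024-01-01T09:15:02Z 10.0.4.33 GET https://github.com/example-org/tool/releases/download/v1/tool.exe 200 90112 "curl/7.85.0"
2024-01-01T09:20:17Z 10.0.4.40 GET https://calm-space-yodel-def456-8000.app.github.dev/stage2.ps1 200 3310 "Mozilla/5.0 (Windows NT 10.0; Win64; x64)"
2024-01-01T09:21:05Z 10.0.4.41 GET https://calm-space-yodel-def456-8000.app.github.dev/stage2.ps1 302 0 "Mozilla/5.0 (Windows NT 10.0; Win64; x64)"
'''

def flag_codespace_downloads(log_text, dev_clients=frozenset()):
    """Return forwarded-port fetches that match at least two risk signals."""
    findings = []
    for line in log_text.splitlines():
        try:
            fields = shlex.split(line)
        except ValueError:
            continue  # unbalanced quotes, skip the malformed line
        if len(fields) != 7:
            continue  # not in the assumed layout
        ts, client, method, url, status, _size, agent = fields
        parts = urlsplit(url)
        host = FORWARD_HOST.match(parts.hostname or "")
        # Keep only requests that actually returned content from a forwarded port
        if not host or method != "GET" or status != "200":
            continue
        reasons = []
        if parts.path.lower().endswith(PAYLOAD_EXT):
            reasons.append("payload-extension")
        if any(token in agent.lower() for token in SCRIPTED_UA):
            reasons.append("scripted-client")
        if client not in dev_clients:
            reasons.append("non-developer-host")
        if len(reasons) >= 2:
            findings.append({"time": ts, "client": client, "port": host["port"],
                             "codespace": host["codespace"], "path": parts.path,
                             "reasons": reasons})
    return findings
```

Calling `flag_codespace_downloads(SAMPLE_LOG, dev_clients={"10.0.7.5"})` flags the first and fourth sample lines; requiring two signals keeps ordinary browser previews from known developer machines out of the results.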