Bleeping Computer

Hackers can use GitHub Codespaces to host and deliver malware

Researchers have demonstrated how threat actors can abuse the GitHub Codespaces' port forwarding' feature to host and distribute malware and malicious scripts. GitHub Codespaces allows developers to ...
Infosecurity-magazine.com

Malicious Commands in GitHub Codespaces Enable RCE

A set of attack vectors in GitHub Codespaces have been uncovered that enable remote code execution (RCE) by opening a malicious repository or pull request. The findings by Orca Security, show how ...
CSOonline

How attackers might use GitHub Codespaces to hide malware delivery

A feature that allows developers to make applications accessible by a public GitHub URL could enable attackers to deliver malware and avoid detection. Attackers could start abusing GitHub Codespaces, ...