image credit: Pexels

Hackers Can Abuse Legitimate GitHub Codespaces Feature to Deliver Malware

January 17, 2023


New research has found that it is possible for threat actors to abuse a legitimate feature in GitHub Codespaces to deliver malware to victim systems.

GitHub Codespaces is a cloud-based configurable development environment that allows users to debug, maintain, and commit changes to a given codebase from a web browser or via an integration in Visual Studio Code.

It also comes with a port forwarding feature that makes it possible to access a web application that’s running on a particular port within the codespace directly from the browser on a local machine for testing and debugging purposes.

Read More on The Hacker News