Cybersecurity researchers have uncovered a campaign where threat actors have uploaded over 67 trojanized GitHub repositories disguised as legitimate Python hacking tools. The activity, linked to the Banana Squad campaign, targets users seeking hacking and cheat tools, highlighting the growing threat of malicious code in open-source platforms. #BananaSquad #GitHubTrojanReopsitories
Keypoints
- Threat actors created over 67 trojanized GitHub repositories impersonating legitimate tools.
- The campaign is an extension of previous Python Package Index (PyPI) targeting activities with stealth malware.
- Users searching for cheat tools and account management software are primary targets of this campaign.
- Many repositories contain backdoors designed to steal sensitive data and maintain remote access.
- Cybercriminals are using fake GitHub accounts and social media platforms to distribute and promote malicious repositories.
Read More: https://thehackernews.com/2025/06/67-trojanized-github-repositories-found.html