I found 10k GitHub repositories distributing Trojan malware
8.3 relevance
Score Breakdown
technical depth 8
novelty 8
actionability 9
community 10
strategic 7
personal 8
Scored daily by a customisable AI persona to surface the most relevant engineering leadership news.
10k GitHub repos with Trojan malware is highly actionable for security and open source supply chain awareness.
Summary
A security researcher discovered over 10,000 GitHub repositories distributing Trojan malware through a coordinated campaign. The repositories copy legitimate projects, then periodically delete and re-push commits that add a zip archive link to the README. The archive evades VirusTotal's URL scan but triggers detection when the file itself is submitted, and GitHub support took over a month to remove the initial reports.