🚨 #mastoadmin This week, New GitHub campaign abusing repos to push malware after a user opens new "issue" on a repository falsely claiming that the project contains a "security vulnerability" & urges others a counterfeit "GitHub Scanner" domain not as...
-
#mastoadmin This week, New GitHub campaign abusing repos to push malware after a user opens new "issue" on a repository falsely claiming that the project contains a "security vulnerability" & urges others a counterfeit "GitHub Scanner" domain not associated with GitHub & tricks users into installing Windows malware
Users/contributors to such repositories receive "IMPORTANT!" email alert from legitimate GitHub server making this phishing campaign seem more convincing
https://www.bleepingcomputer.com/news/security/clever-github-scanner-campaign-abusing-repos-to-push-malware/