#GitHubWarning

Gitloker attacks abuse GitHub notifications to push malicious oAuth apps

by

June 10, 2024 at 06:25PM Threat actors are impersonating GitHub’s teams in phishing attacks, aiming to hijack repositories using malicious OAuth apps. These attackers have been targeting developers with fake job offers or security alerts via phishing emails and redirecting them to fake GitHub landing pages, leading to compromised accounts and wiped repositories. GitHub advises … Read more

Japan warns of malicious PyPi packages created by North Korean hackers

by

February 28, 2024 at 10:08AM JPCERT/CC warns of North Korean hacker group Lazarus uploading four malicious PyPI packages to infect developers with malware. These packages allow access to developer networks, enabling financial fraud and supply chain attacks. The malware, named “Comebacker,” connects to the attacker’s server and executes further Windows malware. Previous attacks by Lazarus … Read more