Bleeping Computer

Gitloker attacks abuse GitHub notifications to push malicious OAuth apps

Threat actors impersonate GitHub's security and recruitment teams in phishing attacks to hijack repositories using malicious OAuth apps in an ongoing extortion campaign wiping compromised repos. The ...
Bleeping Computer

Here's how a researcher broke into Microsoft VS Code's GitHub

This month a researcher has disclosed how he broke into the official GitHub repository of Microsoft Visual Studio Code. A vulnerability in VS Code's issue management function and a lack of ...
heise online

On GitHub: Numerous fakes of well-known Mac apps are circulating

Watch out when googling for macOS apps: Developers, especially of well-known indie applications for the Mac, are warning that clones of their products are circulating on GitHub that are apparently ...