Phishing campaign targets 12,000 GitHub repositories
A phishing campaign has targeted nearly 12,000 GitHub repositories with fake "Security Alert" issues. Developers are tricked into authorizing a malicious OAuth app, giving attackers full control over their accounts and code. The fake alerts claim unusual login attempts from Reykjavik, Iceland. They prompt users to take security actions, but all links lead to a harmful app requesting risky permissions. GitHub is likely responding to the attack, as the number of targeted repositories fluctuates. Users who authorized the malicious app should revoke its access and check for suspicious activity in their accounts.
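One way to triage issues like the ones described above is to extract any GitHub OAuth authorization links from the issue body and list the scopes they request. This is an added example, not code from the original report: the sample issue text, the client ID, and the set of scopes treated as high-risk are constructed assumptions, since the report does not name the app or its scopes.

```python
import re
from urllib.parse import urlparse, parse_qs

# Assumption: scopes treated as high-risk for this triage (the report lists none).
RISKY_SCOPES = {"repo", "user", "workflow", "delete_repo", "write:org", "admin:org", "gist"}
URL_RE = re.compile(r"https?://[^\s)>\]]+")

def oauth_requests(text):
    """Return (client_id, risky_scopes) for every GitHub OAuth authorize link in text."""
    found = []
    for url in URL_RE.findall(text):
        parts = urlparse(url)
        # Exact host match, so lookalike hosts are not treated as GitHub's consent page.
        if parts.hostname != "github.com":
            continue
        if parts.path.rstrip("/") != "/login/oauth/authorize":
            continue
        query = parse_qs(parts.query)
        scopes = set()
        for value in query.get("scope", []):
            # Scopes may be separated by spaces, "+" (decoded to space) or commas.
            scopes.update(s for s in re.split(r"[,\s]+", value) if s)
        client_id = query.get("client_id", [""])[0]
        found.append((client_id, sorted(scopes & RISKY_SCOPES)))
    return found

def triage_issue(title, body):
    """Flag an issue that pairs a 'Security Alert' lure with a risky OAuth request."""
    links = oauth_requests(body)
    lure = "security alert" in title.lower()
    risky = any(scopes for _, scopes in links)
    return {"alert_lure": lure, "oauth_links": links, "flag": lure and risky}

# Constructed sample issue; the client ID is a placeholder, not a real indicator.
AUTH = "https://github.com/login/oauth/authorize?client_id=EXAMPLE_CLIENT_ID"
SAMPLE_TITLE = "Security Alert: Unusual Access Attempt"
SAMPLE_BODY = (
    "We detected a login attempt from Reykjavik, Iceland.\n"
    f"[Update your password]({AUTH}&scope=repo%20user%20read:org)\n"
    f"[Review active sessions]({AUTH}&scope=repo%20user%20read:org)\n"
)

if __name__ == "__main__":
    print(triage_issue(SAMPLE_TITLE, SAMPLE_BODY))
```

A flagged issue only shows what the link would request; whether an account actually granted access is checked in that account's list of authorized OAuth apps.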