Clever 'GitHub Scanner' campaign abusing repos to push malware
Open link in next tab
Just a moment...
https://www.bleepingcomputer.com/news/security/clever-github-scanner-campaign-abusing-repos-to-push-malware/
https://www.bleepingcomputer.com/news/security/clever-github-scanner-campaign-abusing-repos-to-push-malware/
A malicious GitHub user opens a new "issue" on an open source repository falsely claiming that the project contains a "security vulnerability" and urges others to visit a counterfeit "GitHub Scanner" domain. The domain in question, however, is not associated with GitHub and tricks users into installing Windows malware.
It's really not that clever.