Gitloker attacks abuse GitHub notifications to push malicious oAuth apps

Threat actors impersonate GitHub's security and recruitment teams in phishing attacks to hijack repositories using malicious OAuth apps in an ongoing extortion campaign wiping compromised repos. [...]

https://www.bleepingcomputer.com/news/security/gitloker-attacks-abuse-github-notifications-to-push-malicious-oauth-apps/

Posted from: this blog via Microsoft Power Automate.

Comments

Popular posts from this blog