cognitive cybersecurity intelligence

News and Analysis

Search

GitHub phishing campaign wipes repos, extorts victims

GitHub users are being targeted in a phishing and extortion campaign which tricks victims into granting external access to their accounts and repositories. The scam uses GitHub’s email notification system and a malicious OAuth app. Once permission is gained, the attacker wipes user repos and demands a ransom via Telegram for the recovery of their data. GitHub has advised not to click links in suspicious messages and warned users to be wary of authorising OAuth apps.

Source: packetstormsecurity.com –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts