GitHub users are being targeted in a phishing and extortion campaign which tricks victims into granting external access to their accounts and repositories. The scam uses GitHub’s email notification system and a malicious OAuth app. Once permission is gained, the attacker wipes user repos and demands a ransom via Telegram for the recovery of their data. GitHub has advised not to click links in suspicious messages and warned users to be wary of authorising OAuth apps.
Police raid malware network tied to Russia's Evil Corp hacker group – The Record from Recorded Future News
Police raid malware network tied to Russia’s Evil Corp hacker group The Record from Recorded Future News
.webp?w=0&resize=0,0&ssl=1 "Hackers Abuse Third-Party Okendo Reviews Script to Spread SmartApeSG Malware Campaign")