Gitloker Exploits GitHub Notifications to Hijack Repos
June 11, 2024
Comments (0)
Threat actors are impersonating GitHub’s security and recruitment teams in phishing attacks designed to hijack repositories through malicious OAuth apps. This ongoing extortion campaign has been wiping compromised repositories. Since February, dozens of developers have received deceptive job offers or security alert emails from “[email protected].” These emails were sent after