Bleeping Computer

GitHub accounts stolen in ongoing phishing attacks

GitHub users are currently being targeted by a phishing campaign specifically designed to collect and steal their credentials via landing pages mimicking GitHub's login page. Besides taking over their ...
The Hacker News

UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours

UNC6426 used stolen GitHub tokens from the 2025 nx npm breach to gain AWS admin access in under 72 hours, enabling data theft and cloud destruction.
Ars Technica

GitHub abused to distribute payloads on behalf of malware-as-a-service

Researchers from Cisco’s Talos security team have uncovered a malware-as-a-service operator that used public GitHub accounts as a channel for distributing an assortment of malicious software to ...
Bleeping Computer

GitHub Service Abused by Attackers to Host Phishing Kits

Malicious actors hosted phishing kits on the web-based GitHub code hosting platform by abusing the service's free repositories to deliver them to their targets via github.io domains. This technique ...
Dark Reading

'Stargazer Goblin' Amasses Rogue GitHub Accounts to Spread Malware

A threat actor known as "Stargazer Goblin" has found a new way to leverage GitHub to distribute malware and malicious links to unsuspecting users. Instead of hosting malware on GitHub and then luring ...