How GitHub Is Securing the Software Supply Chain

In light of recent cyberattacks and growing security concerns, GitHub is taking immediate and direct action to secure the open-source software supply chain.
Bleeping Computer

Fake "Security Alert" issues on GitHub use OAuth app to hijack accounts

A widespread phishing campaign has targeted nearly 12,000 GitHub repositories with fake "Security Alert" issues, tricking developers into authorizing a malicious OAuth app that grants attackers full ...
CSOonline

GitHub accounts targeted with fake security alerts

In a new phishing campaign, GitHub developers are being targeted with fake “Security Alerts” where they are prompted to authorize a malicious OAuth application. Successful execution of the Click-fix ...
Infosecurity-magazine.com

Salesloft: GitHub Account Breach Was Ground Zero in Drift Campaign

A major data theft campaign targeting Salesforce data via the Salesloft Drift app began after threat actors compromised a key GitHub account, Salesloft has revealed. The sales engagement firm said in ...