Security Feed
  1. Archives

Mar 16 2025 Fake "Security Alert" issues on GitHub use OAuth app to hijack accounts

Source

A widespread phishing campaign has targeted nearly 12,000 GitHub repositories with fake "Security Alert" issues, tricking developers into authorizing a malicious OAuth app that grants attackers full control over their accounts and code. [...]

Posted by Lawrence Abrams on Sun 16 March 2025 in BleepingComputer.

Tags: Security.

Categories

  1. Ars Technica
  2. AWS Security
  3. BleepingComputer
  4. Brian Krebs
  5. Bruce Schneier
  6. GCP Security
  7. Google Project Zero
  8. The Daily Swig
  9. The Guardian
  10. The Register
  11. Threatpost

Tag cloud

  • Security
  • Uncategorized
  • Security, Identity, & Compliance
  • Biz & IT
  • Security Blog
  • Microsoft
  • Security & Identity
  • Google
  • AI
  • CryptoCurrency
  • Announcements
  • Foundational (100)
  • A Little Sunshine
  • Legal
  • Artificial Intelligence
  • Mobile
  • privacy
  • Apple
  • squid
  • Intermediate (200)
  • Advanced (300)
  • hacking
  • Technical How-to
  • The Coming Storm
  • vulnerabilities

Security Feed. Powered by Pelican and m.css. Code is available on GitLab.