"Attackers are exploiting the Discussions feature to spread fake security alerts about Visual Studio Code, tricking users into downloading malware through alarming titles and fictitious CVE identifiers."
"Thousands of nearly identical messages appear in various repositories within a short period, often from newly created or barely active accounts, indicating a highly automated attack."
"The malicious payload is not distributed directly via GitHub, but through external links to trusted file-sharing services, making it less noticeable to users."
"Attackers use profiling to select victims, enhancing the effectiveness of the campaign by targeting specific developers with tailored messages."
A phishing campaign is targeting developers on GitHub by exploiting the Discussions feature to spread fake security alerts about Visual Studio Code. Attackers use alarming titles and fictitious CVE identifiers to trick users into downloading malware. Thousands of identical messages are posted from newly created accounts, increasing the attack's credibility. The malicious payload is distributed via external links to trusted file-sharing services, leading to an infrastructure controlled by the attackers. Profiling is used to select victims, enhancing the effectiveness of the campaign.
Read at Techzine Global
Unable to calculate read time
Collection
[
|
...
]