Multiple threat actors are abusing the GitHub API to discover organizations’ repositories and members via ghost accounts.
In Operation Muck and Load, over 200 GitHub repositories serve a Go module that leads to Windows malware infections.
Malicious packages on the Node Package Manager (npm) and the Python Package Index (PyPI) delivered stealer malware to ...