THURSDAY, JULY 9, 2026 48° E  /  GLOBAL TECH · SUMMARISED SUBSCRIBE
AI, business, devices, policy — global tech, summarised every 30 minutes.
Security · 1h ago

Ghost GitHub Accounts Used to Map Corporate Orgs

By Meridian48 News Desk · Summarised from The Hacker News ·

Datadog Security Labs warns of campaigns using dormant GitHub accounts to enumerate corporate organizations, repos, and users via the API. Attackers leverage years-old 'ghost' accounts or compromised OAuth tokens to blend in. The automated scraping uses custom or legitimate-sounding user agents to avoid detection.

Meridian48 take
The reliance on aged accounts highlights how attackers exploit trust in account history, making detection harder for security teams.
Read the full reporting
Dormant GitHub Accounts Help Attackers Blend In While Mapping Corporate Orgs →
The Hacker News
github-abusesupply-chain-security
More security briefs
Go deeper on security
AllAIStartupsBusinessDevicesPolicySecurityDev ToolsPakistan