Security · 1h ago
Hundreds of fake GitHub repos spread infostealer malware
Russian hackers have created hundreds of fake GitHub repositories that mimic legitimate software to distribute infostealers. The repos target passwords, cryptocurrency wallets, and other sensitive data. Researchers warn the campaign is ongoing and poses a significant supply-chain risk.
Meridian48 take
The scale of this operation underscores how trust in open-source platforms can be weaponized, but GitHub's response will determine if this is a blip or a trend.
Read the full reporting
Hundreds of GitHub repos found posing as real software to push malware →
TechRadar
github-malwareinfostealer