MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
github
Search

Attackers attempted hijacking 12,000 GitHub accounts with click-fix alerts

Monday March 17, 2025. 12:23 PM , from InfoWorld
In a new phishing campaign, GitHub developers are being targeted with fake “Security Alerts” where they are prompted to authorize a malicious OAuth application.

Successful execution of the Click-fix campaign, which has reportedly targeted over 12,000 GitHub repositories, can allow attackers full control over the affected accounts and codes.
Read more at InfoWorld
https://www.csoonline.com/article/3846732/attackers-attempted-hijacking-12000-github-accounts-with-c...

Related News

github Google acquisition target Wiz links fresh supply chain attack to 23K pwned GitHub repos TheRegisterMar 18
click-fix Organizations struggle with too many data loss prevention alerts BetaNewsMar 18
attackers TikTok launches Security Checkup tool to help users keep their accounts protected BetaNewsMar 18
accounts 'Dead simple' hijacking hole in Apache Tomcat 'now actively exploited in the wild' TheRegisterMar 18
alerts Thousands of open source projects at risk from hack of GitHub Actions tool InfoWorldMar 17
are GitHub supply chain attack spills secrets from 23,000 projects TheRegisterMar 17
over GitHub to unbundle Advanced Security InfoWorldMar 12
hijacking Attackers can use undocumented commands to hijack Chinese-made Bluetooth chips BetaNewsMar 10
campaign Microsoft admits GitHub hosted malware that infected almost a million devices TheRegisterMar 10
targeted Microsoft discovers massive malvertising campaign on GitHub OS NewsMar 7
attempted Visual Studio Code 1.98 shines on GitHub Copilot InfoWorldMar 7
github Best password managers 2025: Protect your online accounts PC WorldMar 4
click-fix Infostealer malware stole 493 million accounts. Is yours one of them? PC WorldMar 4
attackers CPU-Z now alerts you about missing ROPs in RTX 50-series cards PC WorldMar 3
accounts Thousands of Exposed GitHub Repositories, Now Private, Can Still Be Accessed Through Copilot SlashdotFeb 27
alerts 30-year-old NHS supply chain system hit by 35 major alerts in 11 months TheRegisterFeb 27
are Pixel Watch 3 Gets FDA Clearance For Loss of Pulse Alerts SlashdotFeb 27
over 200-plus impressively convincing GitHub repos are serving up malware TheRegisterFeb 26
hijacking OpenAI Bans Chinese Accounts Using ChatGPT To Edit Code For Social Media Surveillance SlashdotFeb 22
campaign Malware-as-a-Service accounts for 57 percent of all threats BetaNewsFeb 19
News copyright owned by their original publishers | Copyright © 2004 - 2025 Zicos / 440Network
Current Date
Mar, Tue 18 - 15:09 CET