How an Exposed .git Folder Revealed a Phishing Campaign's Operations
This past Friday afternoon, a member in our Discord server reported a phishing email pointing to a fake login page.
Read the full articleYou might also wanna read

GitHub Vulnerability Exposes Private Data to Attacks
Discover how a GitHub vulnerability could expose private data. Learn more about the risk and protection strategies.
Open-Source Secret Scanner Exposes Crypto Phishing Site's Own Firebase Keys
A developer benchmarking Sentinel, a newly released open-source Git secret scanner written in Go, stumbled upon a phishing site impersonatin

GitLost Flaw Exposes GitHub Repos via AI Workflow
Discover how the GitLost vulnerability exploits GitHub's AI Workflows, revealing private repositories. Learn the implications and defenses.
Check Point uncovers crypto-stealing malware campaign abusing GitHub, YouTube, and VirusTotal
Crypto-stealing malware hid behind fake GitHub stars, YouTube tutorials and favorable VirusTotal comments.
The GitHub Actions Attack Pattern Your CI Security Scanners Miss
ActiveState explains how GitHub Actions attack chains can evade traditional CI security scanners, why passing a scan doesn't guarantee a sec
Critical Vulnerability Exposes GitHub Agentic Workflows to Prompt Injection
Researchers show how attackers can use a crafted public GitHub Issue to trick AI-powered workflows into exposing data from private repositor

Comments
Sign in to join the conversation.
No comments yet. Be the first.