Bleeping Computer

Fake "Security Alert" issues on GitHub use OAuth app to hijack accounts

A widespread phishing campaign has targeted nearly 12,000 GitHub repositories with fake "Security Alert" issues, tricking developers into authorizing a malicious OAuth app that grants attackers full ...
9to5Mac

GitHub now supports ‘Sign in with Apple’ for new and existing accounts

You can now use your Apple Account for new and existing accounts on GitHub. Here’s how it works. Since 2019, Apple has offered “Sign in with Apple,” a privacy-focused alternative to social logins like ...
Wired

A Hacker ‘Ghost’ Network Is Quietly Spreading Malware on GitHub

A secretive network of around 3,000 “ghost” accounts on GitHub has quietly been manipulating pages on the code-hosting website to promote malware and phishing links, according to new research seen by ...