As an open-source developer who frequently receives notifications from GitHub, I recently encountered a clever attack where an impersonator disguised as the GitHub Security Team created malware-infected GitHub issues. The attacker controlled the email content, making it difficult to discern its legitimacy. Clicking on the link in the email would lead to a malware download disguised as a CAPTCHA challenge. The malware cleverly exploited weaknesses in Windows to evade standard security measures. The attack concluded with LummaStealer, a malware service operation that targets sensitive data on infected devices. This intricate attack showcases the vulnerability of developers to sophisticated phishing tactics.
https://ianspence.com/blog/2024-09/github-email-hijack/