A widespread phishing campaign has targeted nearly 12,000 GitHub repositories with fake “Security Alert” issues, tricking developers into authorizing a malicious OAuth app that grants attackers full control over their accounts and code. […]
Source:: BleepingComputer