Fake "Security Alert" issues on GitHub use OAuth app to hijack accounts

A widespread phishing campaign has targeted nearly 12,000 GitHub repositories with fake "Security Alert" issues, tricking developers into authorizing a malicious OAuth app that grants attackers full control over their accounts and code. "Security Alert: Unusual Access Attempt We have detected a login attempt on your GitHub account that appears to be from a new location or device," reads the GitHub phishing issue. All of the GitHub phishing issues contain the same text, warning users that their was unusual activity on their account from Reykjavik, Iceland, and the 53.253.117.8 IP address. Fake "Security Alert" issue posted to GitHub repositories Source: BleepingComputer Cybersecurity researcher Luc4m first spotted the fake security alert, which warned GitHub users that their account was breached and that they should update their password, review and manage active sessions, and enable two-factor authentication to secure their accounts. However, all of the links for these recommende ... Read full article.