Security alert: new phishing campaign targets GitHub users | The GitHub Blog


On September 16, GitHub Security learned that threat actors were targeting GitHub users with a phishing campaign by impersonating CircleCI to harvest user credentials and two-factor codes. While GitHub itself was not affected, the campaign has impacted many victim organizations. Today, we are sharing details of what we’ve learned to help raise awareness of this phishing campaign and protect potential future victims.

Reported versions include messages like these, which imply that a user’s Circle…

Read More