Dan Goodin on Nostr: ICYMI: Threat actors spread info stealing malware through 1) trojanized GitHub-hosted ...
ICYMI: Threat actors spread info stealing malware through 1) trojanized GitHub-hosted PoC exploits for CVE vulns and 2) phishing emails targeteting 2,700 addresses scraped from the arXiv research platform. The professional grade infostealer stole 390,009 credentials, likely from bad guys.
https://arstechnica.com/security/2024/12/yearlong-supply-chain-attack-targeting-security-pros-steals-390k-credentials/?comments-page=1#comments
https://arstechnica.com/security/2024/12/yearlong-supply-chain-attack-targeting-security-pros-steals-390k-credentials/?comments-page=1#comments