GitHub Repositories Hit by Password-Stealing Commits Disguised as Dependabot Contributions

September 29, 2023

A recent campaign has targeted GitHub accounts, as well as npm and PyPI, with the goal of stealing passwords from developers, highlighting ongoing efforts to compromise open-source ecosystems and the software supply chain.
View full story…

GitHub Repositories Hit by Password-Stealing Commits Disguised as Dependabot Contributions

You may also want to see:

Southampton UK