Tag: repo squatting

Adversaries have pioneered a sophisticated method of weaponizing GitHub as a conduit for malware distribution, camouflaging their payloads as legitimate installers for prominent developer utilities. At the epicenter of this campaign is GitHub Desktop; the official client was subverted into a source of infection through the manipulation of download links propagated via search engine advertisements.…