Dormant GitHub Accounts Help Attackers Blend In While Mapping Corporate Orgs

Read full story on The Hacker News
Share
Dormant GitHub Accounts Help Attackers Blend In While Mapping Corporate Orgs
AI disclosure

Summary

Datadog Security Labs is warning of "several overlapping campaigns" that are systematically enumerating corporate GitHub organizations, repositories, and user accounts through the GitHub API. "Operators rely on automated scraping tooling with custom or legitimate-sounding user agents, leveraging GitHub 'ghost' accounts that are often years old, or compromised OAuth tokens and personal

Original reporting

Open original source

Related coverage

Read full article on The Hacker News

Get the AFBytes Brief

Major stories, AI-assisted analysis, and what to watch next. Free, monthly, unsubscribe anytime.