GitHub Security Breach: Over 3,800 Internal Repositories Stolen
GitHub was compromised through an infected IDE extension and lost approximately 3,800 internal repositories; the hacker group TeamPCP is offering the data for sale, while simultaneously Microsoft Python packages were infected with malware serving as a dropper for additional malicious software.
The New Phishing Click Dilemma: How OAuth Consent Bypasses Multi-Factor Authentication
So-called “consent phishing” circumvents modern security controls by exploiting the intuitive acceptance of OAuth consent screens, and unlike classic password phishing, these attacks leave no suspicious login events and are invisible to MFA and SIEMs because authentication occurs legitimately.











