The Great Dependabot Deception: Cyber Thieves Hijacking GitHub Accounts

Cyber thieves are hijacking GitHub accounts, planting malicious code under the guise of Dependabot contributions. The malware aims to steal passwords and project secrets, a deceptive campaign that’s compromising the open-source ecosystem.