Security researchers have identified a vulnerability in GitHub’s comment file upload system that malicious actors are exploiting to spread malware. Here’s how it works: When a user uploads a file to a GitHub comment (even if the comment itself is never posted), a download link is automatically generated. This link includes the name of the repository and its owner, […]
The post Fake files on Github might be malware – even from “Microsoft” appeared first on MSPoweruser.
