Blog | G5 Cyber Security

DeepSource resets logins after employee falls for Sawfish phishing

GitHub notified DeepSource of malicious activity related to the startup’s GitHub app after one of their employees fell victim to the Sawfish phishing campaign. DeepSource provides developers with automated static code analysis tools for GitHub, GitLab, and Bitbucket repositories that help spot and fix issues during code review. The startup’s client list includes Intel, NASA, Slack, and Uber. GitHub said that the attackers were using stolen credentials to take over their victims’ accounts and that they were also downloading the contents of private repositories.

Source: https://www.bleepingcomputer.com/news/security/deepsource-resets-logins-after-employee-falls-for-sawfish-phishing/

Exit mobile version