👨‍💻 Widespread GitHub Campaign Uses Fake VS Code Security Alerts to Deliver Malware

A large-scale phishing campaign is targeting developers directly inside GitHub, using fake Visual Studio Code security alerts posted through Discussions to trick users into installing malicious software.

https://socket.dev/blog/widespread-github-campaign-uses-fake-vs-code-security-alerts-to-deliver-malware

#github