1. APT hackers are using GitHub to deliver malware payloads and exploit vulnerabilities.

2. Over 94 million people use GitHub for coding collaboration.

3. Threat actors exploit GitHub for payload delivery, data access, C2, and exfiltration.

4. Fake repositories and repository poisoning are used to take advantage of GitHub.

5. GitHub Pages are abused for phishing and traffic redirection.

6. Developers should enhance visibility, maintain up-to-date asset inventory, and implement adaptive security policies.

7. Protecting GitHub accounts and engaging with GitHub to counter malicious activities is recommended.

8. The abuse of GitHub remains attractive to threat actors due to its versatile services and seamless integration.

9. Cost-effective penetration testing services are available for assessing digital systems.

Hashtags: #GitHub #Malware #Cybersecurity #ThreatActors #Vulnerabilities #PayloadDelivery #DataAccess #C2 #Exfiltration #Phishing #SecurityPolicies #PenetrationTesting

https://cybersecuritynews.com/living-off-trusted-sites-lots-apt-hackers/