<ul><li>Researchers at Kaspersky have uncovered a malicious campaign called GitVenom targeting GitHub users.</li><li>In this campaign, unknown actors created over 200 repositories containing fake projects with malicious code.</li><li>The repositories appeared legitimate with well-designed README.MD files and a large number of commits, creating the illusion of authenticity.</li><li>The malicious components found in these repositories include a Node.js stealer, AsyncRAT Trojan, Quasar backdoor, and a clipper.</li></ul>

Malicious code in fake GitHub repositories | Kaspersky official blog

Discover more