Cyber security researchers have warned that GitHub users are being targeted with similarly named but malicious copies (containing malicious code) of legitimate repositories. The copied repositories are designed to siphon user environment variables, steal API keys, tokens, crypto keys, and execute arbitrary code on affected endpoints. The advice to developers / GitHub users is to be especially careful when getting code from the platform, and to pay attention to potential typo squats (URL hijacking / cybersquatting), repository copies, clones, or forks (copies of a Git repositories).
Having had some real bad experiences with IT companies in the past it has been a breath of fresh air to have you and your team assisting all of my staff with any issues that have arisen.
- Tony King -