stargazer goblin (1)

12754173661?profile=RESIZE_400xGitHub’s extensive community and features make it a continued target for threat actors.  This week, security researchers identified a network of 3000 fake GitHub accounts pushing infostealing malware through the platform’s repositories as well as compromised WordPress sites.  The malware Distribution-as-a-Service (DaaS), dubbed ‘Stargazers Ghost Network’, delivers variants of RedLine, Lumma Stealer, Rhadamanthys, RisePro, and Atlantida Stealer, all packaged in password-protected archives.

Attrib