Threat actors are going to great lengths to ensure that malicious code hidden in legitimate-looking GitHub repositories is used by as many developers as possible, Checkmarx has warned. The security vendor’s research engineer, Yehuda Gelb, described a number of techniques deployed in a recent campaign designed to ensure these repositories appear at the top of GitHub’s search results.

Source: Infosecurity