Post Syndicated from daroc original https://lwn.net/Articles/971008/

BleepingComputer

reported on April 20 that some malware was being distributed via GitHub.
Uploading files as part of a comment gives them a URL that appears to be
associated with a repository, even if the comment is never posted.

A GitHub flaw, or possibly a design decision, is being abused by threat actors
to distribute malware using URLs associated with Microsoft repositories, making
the files appear trustworthy.

While most of the malware activity has been based around the Microsoft GitHub
URLs, this “flaw” could be abused with any public repository on GitHub, allowing
threat actors to create very convincing lures.