Fake VS Code alerts on GitHub spread malware to developers A large-scale campaign is targeting developers on GitHub by posting fake Visual Studio Code security alerts in repository Discussions to trick users into downloading malware. The posts impersonate maintainers, include fake CVE IDs and external Google Drive links that redirect to drnatashachinn[.]com, which runs a JavaScript reconnaissance script to profile victims before delivering a second-stage payload. #VisualStudioCode #GitHub

Fake VS Code alerts with bogus CVE IDs are spreading malware via GitHub Discussions by impersonating maintainers and tagging users. Malware payloads are delivered after profiling victims through JavaScript scripts. #DevSecurity #GitHubAttacks #USA