BleepingComputer reports that GitHub users are being targeted in an ongoing phishing campaign spoofing the CircleCI continuous integration and delivery platform, which commenced last week.
Threat actors have been sending phishing emails notifying recipients regarding modifications in the platform's user terms and privacy policy and advising them to enter their GitHub accounts, in an effort to exfiltrate GitHub account credentials and two-factor authentication codes.
"While GitHub itself was not affected, the campaign has impacted many victim organizations," said GitHub, which added that all accounts with indications of fraudulent activity have already been suspended.
Meanwhile, CircleCI has advised users that it would never seek user credentials to view terms of service changes. "
Any emails from CircleCI should only include links to circleci.com or its sub-domains. If you believe you or someone on your team may have accidentally clicked a link in this email, please immediately rotate your credentials for both GitHub and CircleCI, and audit your systems for any unauthorized activity," said CircleCI.
Organizations using Progress Software's enterprise-grade WS_FTP Server secure file transfer software have been urged to immediately remediate a maximum severity vulnerability, which has been fixed along with other bugs as part of a security update, reports BleepingComputer.
SiliconAngle reports that more companies have been conducting purple team cybersecurity threat evaluations, with security penetration testing firm SpecterOps being the latest to create a collaboration between its offensive and defensive cybersecurity teams in testing and defending corporate systems.