New Phishing Tool Targets GitHub Developers

New phishing tool GoIssue poses a significant threat to GitHub developers. Researchers at SlashNext have identified GoIssue, an advanced phishing tool linked to the GitLoker extortion campaign, which targets GitHub users by harvesting email addresses from public profiles. Priced at $700 for a custom build and $3,000 for full source code access, GoIssue enables attackers to execute large-scale phishing campaigns that could lead to source code theft and corporate breaches. Experts urge GitHub users to adopt strong security practices, including Two-Factor Authentication and careful monitoring of OAuth app permissions, to mitigate risks associated with this emerging threat.