Over 390,000 WordPress Credentials Compromised in GitHub Attack
/ 1 min read
🦠 Over 390,000 WordPress credentials compromised through malicious GitHub repository. A recently removed GitHub repository, masquerading as a WordPress tool, is linked to the theft of over 390,000 credentials, primarily targeting security researchers and pentesters. The attack, attributed to a threat actor known as MUT-1244, involved phishing and trojanized repositories that hosted malicious proof-of-concept code. The compromised repository, named “Yet Another WordPress Poster,” contained scripts that not only validated WordPress credentials but also included a rogue npm dependency that deployed malware. This incident highlights a growing trend of attackers exploiting vulnerability disclosures to create fake repositories aimed at data theft, with the potential for further attacks on sensitive information.
