Threat Actors Increasingly Abusing GitHub for Malicious Purposes

The ubiquity of GitHub in information technology (IT) environments has made it a lucrative choice for threat actors to host and deliver malicious payloads and act as dead drop resolvers, command-and-control, and data exfiltration points.
“Using GitHub services for malicious infrastructure allows adversaries to blend in with legitimate network traffic, often bypassing traditional security

abusing act adversaries bypassing command control data data exfiltration dead environments exfiltration github host information information technology infrastructure malicious malicious payloads network network traffic points services technology threat threat actors traffic ubiquity