Hackers abuse GitHub and GitLab to host malware and credential phishing campaigns

Attackers are increasingly abusing GitHub and GitLab as trusted delivery channels for malware and credential phishing. New research from Cofense says this tactic has grown steadily since 2021, with 2025 alone accounting for 45% of all observed campaign volume during the period studied. The appeal is obvious. GitHub and GitLab are widely used inside enterprises, […] The post Hackers abuse GitHub and GitLab to host malware and credential phishing campaigns appeared first on VPN Central.