CircleCI, GitHub Users Targeted in Phishing Campaign

  /     /     /  
Publicated : 23/11/2024   Category : security


CircleCI, GitHub Users Targeted in Phishing Campaign


Emails purporting to be an update to terms of service for GitHub and CircleCI instead attempt to harvest user credentials.



CircleCI has sent out a notice to its customers that a phishing email scam is targeting their users, along with GitHubs, in an attempt to harvest credentials.
The CircleCI security alert included a copy of the
malicious email
that told recipients that the companies were working together to launch a new terms of service on CircleCI and GitHub accounts.
As a result of this update, all users will need to review and accept the new Terms of Use and privacy policy in order to continue using CircleCI services, the bogus email read.
Below the notice was a malicious link directing users to log into their GitHub account through CircleCI to accept the new terms.
CircleCI assured its users the company would not require customers to log in to review their terms of service, and pointed out that the malicious link sends victims to
circle-ci[.]com
, a domain not owned by the company.
We have no reason to believe your organization has been specifically targeted or that your account has been compromised, but want our customers to be aware that there is an ongoing phishing attempt and to exercise due caution, CircleCI explained in the notice of the
active phishing attack
to its customers.

Last News

▸ Researchers create BlackForest to gather, link threat data. ◂
Discovered: 23/12/2024
Category: security

▸ Travel agency fined £150,000 for breaking Data Protection Act. ◂
Discovered: 23/12/2024
Category: security

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
CircleCI, GitHub Users Targeted in Phishing Campaign