circleci,-github-users-targeted-in-phishing-campaign

Share news article

Share on facebook
Share on twitter
Share on linkedin
Share on email

CircleCI, GitHub Users Targeted in Phishing Campaign

CircleCI has sent out a notice to its customers that a phishing email scam is targeting their users, along with GitHub’s, in an attempt to harvest credentials.

The CircleCI security alert included a copy of the malicious email that told recipients that the companies were working together to launch a new terms of service on CircleCI and GitHub accounts.

“As a result of this update, all users will need to review and accept the new Terms of Use and privacy policy in order to continue using CircleCI services,” the bogus email read.

Below the notice was a malicious link directing users to log into their GitHub account through CircleCI to accept the new terms.

CircleCI assured its users the company would not require customers to log in to review their terms of service, and pointed out that the malicious link sends victims to circle-ci[.]com, a domain not owned by the company.

“We have no reason to believe your organization has been specifically targeted or that your account has been compromised, but want our customers to be aware that there is an ongoing phishing attempt and to exercise due caution,” CircleCI explained in the notice of the active phishing attack to its customers.

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

Related News

New Backdoor Attack Uses Russian-Ukrainian Conflict Phishing Emails

New Backdoor Attack Uses Russian-Ukrainian Conflict Phishing Emails

The primary targets of this phishing campaign are located in the Ukrainian regions of Crimea, Donetsk, and Lugansk, which were…
CyberSecure Announces Strategic Alliance

CyberSecure Announces Strategic Alliance

BETHESDA, Md.,¬†March 24, 2023¬†/PRNewswire/ — Cybersecure IPS and LockDown Inc. jointly announce that they have entered a strategic alliance to…
Tesla Model 3 Hacked in Less Than 2 Minutes at Pwn2Own Contest

Tesla Model 3 Hacked in Less Than 2 Minutes at Pwn2Own Contest

Researchers from France-based pen-testing firm Synacktiv demonstrated two separate exploits against the Tesla Model 3 this week at the Pwn2Own…