Iztok Smolic (Agiledrop) explains how his team almost got #phished.

Turns out a "potential client" with a #TypoSquatted email address sent a demo #git repository that had a post-checkout hook ready to run code with full permissions.

Another attack vector I wasn't aware of 😬

https://www.linkedin.com/posts/iztok-agiledrop_we-almost-got-phished-this-week-not-by-share-7464980887990935552-tmru


We almost got "phished" this week. Not by some sloppy "Nigerian prince" email but by a fake client. Here's what happened...

Someone filled out the contact form on our website. They said they needed help with a software project. The email looked normal. The spec looked normal (a bit AI-generated, but who isn't using AI these days?). They sent a Dropbox link with a TAR file. Inside was a git repo and a note: "please check out the NDA branch first".

During a weekly sales sync meeting, Ales noticed something was off. The sender's domain was off by one letter from a real website. We looked closer at the repo. There was a hidden "post-checkout" hook in the codebase. A binary file. If any developer had run "git checkout NDA" on their machine, that binary would have executed with their full user permissions.

We pulled it apart in a container with Claude's help. It had scripts for Linux, macOS, and Windows. It was built to grab system data and ship it off to an API hosted on Vercel. We work with clients like Deutsche Telekom and University of Ljubljana. One "git checkout" away from a very bad day.

Phishing isn't just bad emails anymore. It's full fake projects, with specs and repos and personas. People are reporting the same trick disguised as job offers. A "recruiter" reaches out, sends a coding test or a take-home repo, and asks the candidate to run it locally. Same playbook, different wrapper. If your developers run that on a work machine, you have the same problem we almost had.

If you lead a dev team, talk to your people this week. Show them this story. The next attack won't look like an attack. It will look like a client or a job opportunity. Has anyone else had these experiences? | 13 comments on LinkedIn

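The check a team would want before anyone touches a repository that arrived as a TAR from an unknown sender. This is an added example, not code from Agiledrop or from the post; it assumes the unpacked repository path is given as the first argument and relies only on POSIX sh plus `grep` and `head`.

```sh
#!/bin/sh
# Pre-checkout audit for a git repository received from an untrusted source.
# Client-side hooks live in .git/hooks, which git never tracks, so they only
# arrive when the whole .git directory is shipped (a TAR of a repo, as above).
# Any executable, non-*.sample file there runs on the matching git event with
# the user's full permissions; post-checkout fires on `git checkout <branch>`.
# Assumption: the repository path is passed as the first argument.

# Prints every hook git would actually run, plus any core.hooksPath override in
# the repo's local config (it can redirect hooks to a tracked directory).
# Returns 0 if the repo looks clean, 1 if anything was found.
audit_git_hooks() {
    repo="$1"
    found=0
    if grep -qi 'hooksPath' "$repo/.git/config" 2>/dev/null; then
        printf 'WARNING: core.hooksPath override in %s/.git/config\n' "$repo"
        found=1
    fi
    for hook in "$repo"/.git/hooks/*; do
        [ -e "$hook" ] || continue               # no hooks dir or empty glob
        case "$hook" in *.sample) continue ;; esac
        if [ -x "$hook" ]; then
            kind="binary or non-script"
            if [ "$(head -c 2 "$hook" 2>/dev/null)" = "#!" ]; then
                kind="script"
            fi
            printf 'WARNING: live hook %s (%s)\n' "$hook" "$kind"
            found=1
        fi
    done
    return $found
}

# Run as: sh audit_hooks.sh /path/to/unpacked/repo
# Exit status 1 means "do not check out on a work machine until reviewed".
if [ -n "${1:-}" ]; then
    audit_git_hooks "$1"
fi
```

Even when the audit is clean, a checkout of untrusted code can be done with hooks disabled for that one invocation via `git -c core.hooksPath=/dev/null checkout NDA`, and should happen in a container or throwaway VM rather than on a developer's workstation.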
@tomaxto @moderator

getting #phished during #monsterdon is a good way to get everyone to suspend your instance @admin

18 Popular Code Packages #Hacked, Rigged to Steal #Crypto

At least 18 popular #JavaScript code packages that are collectively downloaded more than two billion times each week were briefly #compromised with #malicious software today, after a developer involved in maintaining the projects was #phished. The #attack appears to have been quickly contained and was narrowly focused on stealing #cryptocurrency.
#security

https://krebsonsecurity.com/2025/09/18-popular-code-packages-hacked-rigged-to-steal-crypto/

18 Popular Code Packages Hacked, Rigged to Steal Crypto – Krebs on Security

#Phishers Target #Aviation Execs to Scam Customers

KrebsOnSecurity recently heard from a reader whose boss’s email account got #phished and was used to trick one of the company’s customers into sending a large payment to #scammers. An investigation into the attacker’s infrastructure points to a long-running #Nigerian #cybercrime ring that is actively #targeting established companies in the transportation and aviation industries.
#security #privacy #scam

https://krebsonsecurity.com/2025/07/phishers-target-aviation-execs-to-scam-customers/

Phishers Target Aviation Execs to Scam Customers – Krebs on Security

According to @Kaumas the #thunderbird #newsletter has been #phished or #hacked as well, as they just sent an email regarding unauthorized access. I guess @troyhunt is not the only one being a victim of this lately.
You’ve been phished. What to do next... - CyberTalk

You've been phished! Once you've fallen victim to phishing, take these 5 steps to avoid identity theft and computer damage. See article.

My grandma got #phished but thankfully didn’t lose anything. What accessible resources are out there to teach basic #infosec awareness to the tech illiterate?

God dammit! Got smished this morning. 😕 Plausible SMS lure purporting to be from a supplier I’ve had recent contact with + slick landing page + sleepy me = #phished 😫😡🤬

I’m feeling pretty sheepish 😕 I mean, it’s not like I’ve delivered cybersecurity awareness training before or anything… oh, wait 🤪

At least I was able to immediately put the card on hold via my bank’s app & then cancel it over the phone. 🙃

10 Common Indicators of a Phishing Attempt: Protect Your Data Now - Redbeard Security

Introduction: Phishing is a type of cyber attack that is used to steal confidential information from individuals or organizations. It is a growing....

What would you do if the only way to be a member of an #organization you want to join is by #E-transfer only and you don't do #onlinebanking because you've been #phished in the past?