GitCaught Campaign Leverages GitHub Repositories and Fake Profiles for Malicious Infrastructure

Insikt Group uncovered a sophisticated campaign led by Russian-speaking actors who used GitHub profiles to spoof legitimate software apps and distribute various malware, including Atomic macOS Stealer (AMOS) and Vidar.