MEDIUMVulnerability
Global

Dormant GitHub Accounts Help Attackers Blend In While Mapping Corporate Orgs

·Source: The Hacker News

Updated:

Executive Summary

Datadog Security Labs is warning of "several overlapping campaigns" that are systematically enumerating corporate GitHub organizations, repositories, and user accounts through the GitHub API. "Operators rely on automated scraping tooling with custom or legitimate-sounding user agents, leveraging GitHub 'ghost' accounts that are often years old, or compromised OAuth tokens and personal

Analysis

Datadog Security Labs is warning of "several overlapping campaigns" that are systematically enumerating corporate GitHub organizations, repositories, and user accounts through the GitHub API. "Operators rely on automated scraping tooling with custom or legitimate-sounding user agents, leveraging GitHub 'ghost' accounts that are often years old, or compromised OAuth tokens and personal
Source Attribution

Originally published by The Hacker News on Jul 9, 2026.

Related Threats

CRITICALVulnerabilityNEW

European Patience With Cybersecurity Laggards Snaps

<img src="https://ismg-cdn.nyc3.cdn.digitaloceanspaces.com/articles/european-patience-cybersecurity-laggards-snaps-image_small-1-a-32190.jpg" align=right hspace=4><b>European Commission Sues 4 Countries for Not Implementing NIS2</b><br>The European Commission is cracking down on Spain, France and other countries for failing to implement or abide by cybersecurity legislation. NIS2 forces the EU’s m

Bank Info Security
CRITICALVulnerability

How to Meet a 3-Day Remediation SLA &#038; Comply with CISA BOD 26-04

Key Takeaways CISA BOD 26–04 mandates remediation of the publicly exposed, highest-risk, known-exploited vulnerabilities within 3 days. The directive applies a risk-based model evaluating exposure, KEV status, automation potential, and technical impact. Most high-risk vulnerability instances reside on non-critical endpoint assets, which are suited for automated patching at scale. Patchless remedia

Qualys Blog
MEDIUMVulnerability

Cryptohack Roundup: US SEC Eyes July Crypto Rule Proposal

<img src="https://ismg-cdn.nyc3.cdn.digitaloceanspaces.com/articles/cryptohack-roundup-us-sec-eyes-july-crypto-rule-proposal-image_small-10-a-32183.jpg" align=right hspace=4><b>Also: Binance Eyes More Asia Licenses, India Pushes Fresh Crypto Curbs</b><br>This week, the U.S. Securities and Exchange Commission eyes July for a crypto rule proposal, Binance anticipates more Asian business, Malaysia se

Bank Info Security