| ▲ | Phishing attack through GitHub notification | |
| 4 points by ghm2199 13 hours ago | 3 comments | ||
I got a phishing email from a repo I never subscribed to https://github.com/ycombbiinator/-co The email looks like so https://pasteboard.co/HYYB7qg0tv2M.png And I could see I was subscribed to the "issue" https://pasteboard.co/zIj5fcaIhNYA.png | ||
| ▲ | gnabgib 13 hours ago | parent | next [-] | |
> The best email address for anything like this is security@ycombinator.com https://news.ycombinator.com/item?id=45353095 "Discussion" (17 points, 4 hours ago, 17 comments) https://news.ycombinator.com/item?id=45352610 | ||
| ▲ | johntash 7 hours ago | parent | prev | next [-] | |
I've gotten a few similar spam/phishing notifications from github recently too. It showed that my username was tagged in the issue (along with 10-20 others). | ||
| ▲ | ghm2199 12 hours ago | parent | prev [-] | |
I am sure I never subscribed to this repo. However I came across https://github.blog/changelog/2025-04-14-sunset-notice-for-a... which possibly means one of the teams I had actually been a part of is the issue. | ||