I published the following diary on isc.sans.edu: “Old H-Worm Delivered Through GitHub”:
Another piece of malicious code spotted on GitHub this time. By the way, this is the perfect example to demonstrate that protecting users via a proxy with web-categorization is useless… Event sites from the Alexa Top-1M may deliver malicious content (Github current position is 51. The URL has been found in a classic email phishing attempt. The content was recently uploaded (<24h) when I found it… [Read more]