Attackers set up rogue GitHub repos with malware posing as zero-day exploits

A hacker has created fake GitHub and Twitter accounts, using them to host alleged zero-day exploits that infect users with malware. The identities used appear to belong to non-existent security researchers and real photos from well-known cybersecurity firms are used to give authenticity. Although it remains unclear if the hacker has been successful, security firm VulnCheck, which identified the scam, recommends caution when downloading code from GitHub.