TI Mindmap HUB
Threat Intelligence Report

Widespread GitHub Campaign Uses Fake VS Code Security Alerts to Deliver Malware

๐Ÿ“… March 25, 2026 ๐Ÿ“ฐ socket.dev ๐Ÿ” 0 CVE(s) referenced

A coordinated phishing campaign is exploiting GitHub Discussions to impersonate Visual Studio Code security alerts, luring developers into downloading malware via convincing but fraudulent posts and external links.

vendor

Sign in to access the full report including:
detailed analysis, IOCs, MITRE ATT&CK mapping, and STIX bundle.

๐Ÿ” Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

๐Ÿ“Š Visual Mindmap
๐ŸŽฏ IOC Extraction
โš”๏ธ MITRE ATT&CK TTPs
๐Ÿ“ฆ STIX 2.1 Bundle