Cybersecurity experts have uncovered a dangerous new malware campaign targeting GitHub users through meticulously crafted fake repositories. Dubbed ‘GitVenom’, this initiative involves hackers creating numerous fabricated projects that appear legitimate to unsuspecting developers. These fake projects are designed to deliver malicious payloads, including information-stealing tools and remote access trojans (RATs), once downloaded. Kaspersky analyst Georgy Kucherin detailed the campaign’s tactics, revealing that hackers have employed AI-generated files to enhance credibility. They have even artificially inflated project activity through timestamps, making them appear more developed. The investigation by Kaspersky also uncovered a significant aspect of this malware: it doesn’t actually implement the features promised in its instructions; instead, these projects execute meaningless actions and deliver the malicious payload. This payload includes info-stealers that steal saved credentials, cryptocurrency data, and browsing history, uploading them to hackers via Telegram. A clipboard hijacker, specifically targeted at crypto wallet addresses, replaces legitimate addresses with those controlled by attackers.