Hackers are using fake coding jobs to spread malware through GitHub

Security researchers discovered Omnistealer, a credential-stealing malware disguised as freelance coding jobs on GitHub. The malware uses blockchain transactions on TRON, Aptos, and Binance Smart Chain to deliver its payload, which steals cryptocurrency wallets, passwords, and sensitive data. Investigators have tied 300,000+ stolen credentials to this operation, with evidence pointing to North Korean state-sponsored hackers targeting developers, particularly in South Asia.