Attackers Weaponize 50+ Dormant GitHub Accounts to Map Corporate Repos
Datadog Security Labs exposes coordinated campaigns using aged 'ghost' accounts to enumerate organizations via GitHub API. Some attackers escalated from reconnaissance to cloning private repositories.