An exposed .git folder let us dox a phishing campaign
via imgur.com
Short excerpt below. Read at the original source.
This past Friday afternoon, a member in our Discord server reported a phishing email pointing to a fake login page. We took up to research it and because of clumsy decisions by the attacker we got their GitHub and their operational Telegram bot. Screenshots: https://imgur.com/a/FTy4mrH Sometimes the attacker incompetence can be a defender’s best weapon […]