A threat actor has created nearly 300 fake GitHub repositories that impersonate legitimate software and security projects to distribute infostealer malware to unsuspecting developers. You should verify the authenticity of any GitHub repositories before do
Read the full article: https://www.bleepingcomputer.com/news/security/nearly-300-github-repos-pose-as-legit-software-to-push-malware/