The emerging threat group attacks the supply chain via weaponized repositories posing as legitimate pen-testing suites and other tools that are poisoned with malware.
First seen on darkreading.com
Jump to article: www.darkreading.com/cyberattacks-data-breaches/water-curse-targets-cybersecurity-pros-github-repos
