A new malware is using illegal streaming websites and GitHub to infect nearly 1 million Windows users. The campaign was identified by Microsoft and is targeting both consumer and enterprise devices across industries. The attack begins on illegal websites which contain malvertising redirectors, leading victims to an intermediary website and then GitHub. The Lumma stealer is one of the payloads that has been identified in the campaign. 

Read more: https://www.darkreading.com/endpoint-security/github-hosted-malware-1m-windows-users