As an example, there is a hacking group tracked as "Atlas Lion" that has been persistently targeting large retailers' internal systems to steal gift cards that they resell on gray markets for a profit.
I don't believe exploiting GitHub repos for initial access is part of their playbook, but there have been plenty of examples in recent years of attackers gaining access to internal infrastructure via secrets exposed in GitHub (whether in code or Actions workflows). Just this year, attackers got into Salesloft's GitHub, pivoted to their AWS environment, and stole OAuth tokens that gave them access to hundreds of Salesforce customers.
I've heard once or twice that, after one of the IE-related antitrust cases, Microsoft has been imposed a pretty heavy official procedure to release a new version of IE, that contributes to the slowness of the release cycle.
If that's real, I wonder if this fork could have the additional benefit of circumventing this procedure.
This visualization of the domain name resolution for platform.twitter.com might help to understand the issue. I don't know how to interpret it however.
http://dnsviz.net/d/platform.twitter.com/dnssec/
They actually officially communicated about this method:
Open any Quora URL. If you come across a Quora link
anywhere and you want to read it without being asked to
join Quora, you can add the text "?share=1" to the end
of the URL.
I don't believe exploiting GitHub repos for initial access is part of their playbook, but there have been plenty of examples in recent years of attackers gaining access to internal infrastructure via secrets exposed in GitHub (whether in code or Actions workflows). Just this year, attackers got into Salesloft's GitHub, pivoted to their AWS environment, and stole OAuth tokens that gave them access to hundreds of Salesforce customers.