Golden Finance reported that a secret malware campaign is hijacking crypto wallets by embedding malicious code into fake open source projects on Github, tricking developers into executing hidden payloads. A cyberattack campaign called Gitvenom has been attacking Github users by embedding malicious code into seemingly legitimate open source projects. Researchers Georgy Kucherin and Joao Godinho discovered the action, where cybercriminals create fraudulent repositories that mimic real software tools. Depending on the programming language used in fake projects, malicious code is embedded differently.