Approximately 10,000 Trojan-Horse Repositories Found on GitHub
Developer Orchid reported finding roughly 10,000 GitHub repositories distributing Trojan horses by cloning legitimate projects. The cloned repos retain original commit history and contributor info but add a malicious ZIP download link in the README. GitHub has begun removing the repositories, but the actual scale may be larger.