Phishers sneak through using GitHub and Jira’s own mail delivery infrastructure

Attackers are abusing the notification systems of SaaS platforms like GitHub and Jira to send phishing and spam emails, Cisco Talos researchers are warning. “Because the emails are dispatched from the platform’s own infrastructure, they satisfy all standard authentication requirements (SPF, DKIM, and DMARC), effectively neutralizing the primary gatekeepers of modern email security,” they note. “By decoupling the malicious intent from the technical infrastructure, attackers successfully deliver phishing content with a ‘seal of approval’ that …