A new tax-themed malware campaign is observed leveraging GitHub links in phishing emails to deliver Remcos RAT, with threat actors even using legitimate repositories for the attack, while new phishing tactics involve ASCII and Unicode-based QR codes, as well as expanding targets using the Telekopye Telegram toolkit to include accommodation booking platforms.
https://thehackernews.com/2024/10/github-telegram-bots-and-qr-codes.html