GitHub and Jira notification emails are being hijacked by threat actors who have found a way to turn trusted software alerts into convincing phishing lures, using the platforms’ own mail systems to slip past many of the checks that companies rely on to stop malicious messages. Security researchers say the tactic marks a notable shift in email abuse because the messages are not crudely spoofed copies but genuine notifications generated by legitimate SaaS infrastructure.
Cisco Talos disclosed on 7 April that it had observed a rise in phishing and spam campaigns delivered through the notification pipelines of collaboration platforms including GitHub and Atlassian Jira. According to Talos, attackers are exploiting built-in features that automatically send updates to users, collaborators or administrators, allowing the emails to be transmitted by official servers associated with the service itself. That gives the messages an aura of legitimacy before a recipient even opens them.
The method matters because modern email security depends heavily on authentication standards such as SPF, DKIM and DMARC, which are designed to verify whether a message truly comes from the claimed sender. In these campaigns, the emails do pass those checks, because they are in fact sent by GitHub or Jira infrastructure. Atlassian’s own support material explains that its notification systems are engineered to satisfy such authentication requirements, while GitHub documentation confirms that the platform can automatically send email notifications tied to repository activity and user subscriptions.
Talos described the approach as a “Platform-as-a-Proxy” model, in which the attacker’s content is wrapped inside a legitimate delivery mechanism. Rather than building a fake domain or compromising a mail server, an adversary abuses trusted product workflows and lets the platform perform the final delivery. Security teams have dealt for years with misuse of bulk mail services, but this variation is more insidious because it leans on enterprise tools that employees often regard as routine and business-critical. Earlier reporting on abuse of legitimate mail services showed how trusted infrastructure could help phishing bypass filters; the GitHub and Jira cases suggest the same logic is now being adapted to collaboration software at scale.
Talos said one campaign on 17 February 2026 accounted for about 2.89% of emails it observed being sent from GitHub that day, indicating a measurable spike in abuse rather than a handful of isolated messages. Over a five-day observation period, roughly 1.20% of traffic from noreply@github.com contained an “invoice” lure in the subject line, pointing to a concentrated billing-themed operation aimed at drawing clicks or prompting victims to call fraudulent support numbers.
In the GitHub variant outlined by Talos, the attacker creates a repository and pushes a commit whose summary and extended description are written to resemble an urgent financial or support notice. That content is then inserted into a system-generated email notification sent to repository collaborators. The hook appears near the top of the message where a recipient expects to see commit information, while the malicious wording is buried inside a format that otherwise looks entirely normal. Talos said the headers it examined showed messages entering via a legitimate GitHub SMTP server and carrying a verified DKIM signature for github.com.
Jira presents a similar opportunity because its cloud products are designed to send notifications when work items are created, updated or commented on. Atlassian documents show that administrators can configure email notifications and, in some deployments, send them from custom organisational domains. That flexibility is useful for business operations, but it also enlarges the space in which threat actors can manipulate trusted workflows or exploit users’ familiarity with automated alerts.
What makes the campaigns especially effective is not only technical authenticity but user behaviour. Staff are conditioned to treat GitHub and Jira messages as low-friction background traffic: build notices, issue updates, team mentions, repository changes. A fake bank alert arriving from an unfamiliar domain may raise suspicion, but an “invoice” or account-related prompt nested inside a recognised software notification can exploit habit as much as technology. Talos argued that many email gateways remain poorly equipped to challenge such mail because the domain reputation, sender infrastructure and authentication checks all appear clean.
The development adds to wider concern in cyber security that trusted cloud platforms are increasingly being turned into delivery channels rather than being attacked directly. That trend shifts part of the defensive burden from traditional perimeter filtering towards behaviour analysis, user training and platform-level anomaly detection. Talos said defenders should verify whether a notification aligns with known internal SaaS usage, inspect unusual invitations or project activity, and watch for precursor events such as suspicious repository creation or mass notifications.
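The defensive point above, that SPF/DKIM/DMARC cannot be the deciding signal for these messages and that triage has to look at content and at whether the repository matches known internal usage, is illustrated by the following added example. It is not code from Talos, GitHub or Atlassian; the `KNOWN_ORGS` allowlist, the two sample notifications and the assumed `List-ID` layout (`owner/repo <repo.owner.github.com>`) are all constructed for the demonstration.

```python
import re
from email import message_from_string, policy

# Repository owners (orgs/users) the company actually uses on GitHub (assumed allowlist).
KNOWN_ORGS = {"acme-corp"}
# Billing/support wording of the kind Talos saw written into commit summaries.
LURE_TERMS = re.compile(r"\b(invoice|billing|payment|overdue|refund|support)\b", re.I)
# A callback number inside a commit notification is a strong tell for the "call us" variant.
PHONE = re.compile(r"\+?\d[\d\s().-]{7,}\d")

# Constructed sample: attacker-owned repo, lure written into the commit summary.
LURE = """\
From: attacker-acct <noreply@github.com>
Subject: [evil-org/billing-notice] Invoice #4471 past due: call support
List-ID: evil-org/billing-notice <billing-notice.evil-org.github.com>
Authentication-Results: mx.acme.example; dkim=pass header.d=github.com

Your account invoice of $489.00 is overdue. Call +1 800 555 0199 now.
"""

# Constructed sample: routine notification from a repository the company owns.
LEGIT = """\
From: teammate <noreply@github.com>
Subject: [acme-corp/api] Fix null check in auth middleware (PR #212)
List-ID: acme-corp/api <api.acme-corp.github.com>
Authentication-Results: mx.acme.example; dkim=pass header.d=github.com

Merged #212 into main. View it on GitHub.
"""

def repo_org(msg):
    # Owner taken from the assumed 'owner/repo <...>' List-ID layout; None if absent.
    m = re.match(r"\s*([\w.-]+)/[\w.-]+", msg.get("List-ID", ""))
    return m.group(1) if m else None

def assess(raw):
    msg = message_from_string(raw, policy=policy.default)
    if "noreply@github.com" not in msg.get("From", ""):
        return None                       # not a GitHub notification; out of scope here
    findings = []
    org = repo_org(msg)
    if org not in KNOWN_ORGS:             # authentic mail, but from a repo we never use
        findings.append(f"unknown_org:{org}")
    body = msg.get_body(("plain",))
    text = msg.get("Subject", "") + "\n" + (body.get_content() if body else "")
    for tag, rx in (("billing_lure_terms", LURE_TERMS), ("callback_phone_number", PHONE)):
        if rx.search(text):
            findings.append(tag)
    # DKIM passes for github.com in these campaigns, so it is recorded, not trusted.
    return {"dkim_pass": "dkim=pass" in msg.get("Authentication-Results", ""), "findings": findings}
```

Both samples pass DKIM; only the repository-owner check and the lure-content checks separate them, which is the gap Talos describes in gateways that stop at authentication and reputation.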
Also published on Medium.