From bleepingcomputer.com
GitHub notified DeepSource earlier this month of detecting malicious activity related to the startup’s GitHub app after one of their employees fell victim to the Sawfish phishing campaign.
DeepSource provides developers with automated static code analysis tools for GitHub, GitLab, and Bitbucket repositories that help spot and fix issues during code review. According to its website, the startup’s client list includes Intel, NASA, Slack, and Uber.