A newly identified threat group has weaponized GitHub repositories offering what appear to be legitimate pen-testing and other security tools to deliver malware via malicious build scripts and project ...