GitHub has issued an alert warning of a phishing campaign targeting users by impersonating the popular DevOps tool CircleCI, BleepingComputer reports. The phishing emails inform users that they’ll need to click on a link and log into their GitHub account in order to review CircleCI’s new terms of service. The phishing site is designed to harvest credentials as well as time-based one-time-password (TOTP) authentication codes.