Check your #Github Repos. Widespread malware attack uncovered, using this C&C host: https://github.com/search?l=YAML&q=ovz1.j19544519.pr46m.vps.myjino.ru&type=Code Context/details at https://twitter.com/stephenlacy/status/1554697077430505473?s=20&t=vpemJbO077kYmWPWS4kIqw
@jwildeboer Do you know whether commit tokens were compromised or PRs merged without proper review? Is there another attack vector one should be aware of?
@Tronde It seems they mass- forked existing repos under new user/org names and inserted the code there. Hoping people looking for a specific project would be confused enough to grab the fork.
Mastodon instance for people with Wildeboer as their last name