It seems they mass-forked existing repos under new user/org names and inserted the code there. Hoping people looking for a specific project would be confused enough to grab the fork. I've also added that host to my firewall config, just to be sure.


GitHub has mass-deleted the forks, users and orgs. But if you have inadvertently downloaded that stuff in the past day(s), before it was deleted, you might be at risk. So check your local repos/containers and CI/CD pipelines, and put that host in your firewall, is my advice.

