Posts tagged "general"

Beware of Monero mining attack through GitHub Actions and malicious Pull requests

Published on
#general 

While scrolling through my GitHub feed I noticed a recent fork (5 hours ago) of a repo of mine.

Nothing so weird so far.

Out of curiosity I checked if the user wanted to make a decent PR and improve something in the code.

The user in fact made a new commit on their fork and added a new file. A new GitHub action.

Let me explain what happened.

Don't miss out on special content for my subscribers.


View the past editions of my newsletter