[HN Gopher] GitHub projects targeted with malicious commits to f...
       ___________________________________________________________________
        
       GitHub projects targeted with malicious commits to frame researcher
        
       Author : bdstanga
       Score  : 6 points
       Date   : 2024-11-19 20:52 UTC (2 hours ago)
        
 (HTM) web link (www.bleepingcomputer.com)
 (TXT) w3m dump (www.bleepingcomputer.com)
        
       | urda wrote:
       | This could have been partially avoided with signed commits.
        
         | gzalo wrote:
         | Not really. The username from the commits is the same one that
         | created the PR. The username evildojo666 was available and the
         | attacker just used it.
        
         | bdstanga wrote:
         | This was actually a true impersonation case, because
         | researcher's twitter username was free on github so attacker
         | just created a new account with that username and used it to
         | create the malicious PR.
        
       ___________________________________________________________________
       (page generated 2024-11-19 23:02 UTC)