I always (very naively, I fully get it) wonder if someone at GitHub could take a... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		mittermayr 17 days ago \| parent \| context \| favorite \| on: Shai-Hulud Returns: Over 300 NPM Packages Infected I always (very naively, I fully get it) wonder if someone at GitHub could take a minute and check the logs (if there are any at this level) from a week ago or so and scan them for patterns? The code seems to grab a few files off of GitHub, use Github actions, etc. -- perhaps there's a pattern in there that shows the attacker experimenting and preparing for this? I assume most people at this level have VPNs and so forth, but I'd never underestimate the amount of bad luck even those folks can have. Would be interesting, I know I'd have a look, if those logs existed.

not_doctorq 17 days ago | [–]

I have first hand knowledge that they do, or at least that the data exists and can be queried in that way, but it’s a game of cat and mouse.

hofrogs 17 days ago | [–]

That's usually what those security companies do, they monitor all those repositories and look for patterns, then investigate anything suspicious.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact