Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
pezezin
14 days ago
|
parent
|
context
|
favorite
| on:
Shai Hulud launches second supply-chain attack
The worm itself is posting the secrets in Github with the name Sha1-hulud:
https://github.com/search?q=sha1-hulud&type=repositories
cyberpunk
14 days ago
[–]
Yikes. AWS secrets galore in the couple I decoded (double base64)...
I'm surprised github is leaving these up.
galangalalgol
14 days ago
|
parent
|
next
[–]
At this point it likely helps the defenders more than those that would use them doesn't it?
meowface
14 days ago
|
parent
|
prev
[–]
I am guessing they don't intend to and will be removing them with urgency.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
