[t_believ-er873]

If you've identified GitHub repositories hosting malware, you can report them directly to GitHub via their Abuse Report page, providing links and any relevant details. GitHub typically removes repositories that violate their Acceptable Use Policy, but response times may vary. If the malware is actively being used for harm, you may also consider reporting it to security organizations or CERT teams.

[jeroenhd]

One thing I appreciate about Github is that every time I've reported something, I've felt like an actual human went through my report and actually read the things I wrote. Perhaps it's a bit silly to appreciate basic human interaction, but for so many online environments the only interaction you'll ever see is done through chatbots and automated work flows.

[proactivesvcs]

I may have missed the part where the author reported these to github but they're not going to be removed it nobody actually reports them. What a lot of effort put in to seemingly give up at a crucial final step.

[shawabawa3]

pretty sure this is an LLM generated comment

[nubinetwork]

> response times may vary

Waiting six months for Github to remove malicious repositories is unacceptable.