Y
Hacker News
new
|
ask
|
show
|
jobs
by
ImPostingOnHN
454 days ago
The repo looks like it uses itself in its workflows, so it's possible that the commit being merged resulted in the necessary credentials being leaked to the attacker.
1 comments
rognjen
454 days ago
There doesn't seem to be a PR for the commit though.
link