Y
Hacker News
new
|
ask
|
show
|
jobs
by
sierra1011
205 days ago
It does install a GitHub runner and registers the infected machine as a runner, so remote code execution remains possible. It might be a stretch to call it persistent but it definitely tries.