Please check your repos for suspicious "Upload Files" PRs ... And report them to GitHub

This triggers cryptomining jobs in GitHub Actions that will appear under your repo

Follow

@lupyuen What's the point of making these? Actions on PRs execute with the resources of the owner, no? What's the advantage of making the PR on someone else's repo?

@2ck To evade detection maybe? Many repos are idle and can trigger jobs with this hack

Sign in to participate in the conversation
CleverLibre Social

CleverLibre Social is an inclusive social instance for open discussion, learning, and community.
All cultures welcome.
Hate speech and harassment strictly forbidden.