←back to thread

Ghrc.io appears to be malicious

(bmitch.net)
407 points todsacerdoti | 6 comments | 24 Aug 25 23:27 UTC | HN request time: 0.253s | source | bottom
1. aussieguy1234 ◴[24 Aug 25 23:56 UTC] No.45008909[source]
There are alot of open source projects using this domain https://github.com/search?q=ghrc.io&type=code
replies(2): >>45009165 #>>45009482 #
2. notsahil ◴[25 Aug 25 00:46 UTC] No.45009165[source]
GitHub should a have tool internally to create bulk and send it as a fix
replies(3): >>45009773 #>>45010053 #>>45011492 #
3. lathiat ◴[25 Aug 25 01:52 UTC] No.45009482[source]
That's a fairly impressively sized list.
4. aussieguy1234 ◴[25 Aug 25 02:59 UTC] No.45009773[source]
they probably do, they already have one that identified credentials posted to github repos by accident.
5. ◴[25 Aug 25 03:57 UTC] No.45010053[source]
6. michaeljhg ◴[25 Aug 25 08:12 UTC] No.45011492[source]
https://github.com/advanced-security/secret-scanning-custom-...