Malicious code injection by compromised pull request branch names
Malicious code injection by compromised pull request branch names
github.com Discrepancy between what's in GitHub and what's been published to PyPI for v8.3.41 · Issue #18027 · ultralytics/ultralytics
Bug Code in the published wheel 8.3.41 is not what's in GitHub and appears to invoke mining. Users of ultralytics who install 8.3.41 will unknowingly execute an xmrig miner. Examining the file util...
You're viewing a single thread.
10
comments
This is why Bobby Tables mom needs her Github account suspended.....
On an unrelated note, don't forget to sanitize your input.
10
comments