
Security Notice: Malicious Commits Pushed to mantine-datatable Repository via GitHub Actions Bot

By icflorescu · 4h ago · 3 min read

Summary

A security notice posted by the wife of repository owner Ionut (icflorescu) warning that unauthorized malicious commits were pushed to the mantine-datatable repository and 4 others via the GitHub Actions bot. The commits appear innocent ("chore: update dependencies [skip ci]") but inject a payload runner. The owner's GitHub account has been suspended, and users who recently cloned or pulled the repository are warned not to open it.

Key quotes

Earlier today, unauthorized commits were pushed to this repository and 4 others via the github-actions bot.
The commit message reads chore: update dependencies [skip ci] and looks innocent, but it isn't.
The malicious commit injects a payload runner (node .github/setup.js) into...
If you have cloned or pulled this repository recently, please do NOT open
I'm posting this on his behalf because his GitHub account has been suspended and he has no way to reach you directly right now.
Snippet from the RSS feed
⚠️ Important Security Notice -- Please Read Hi everyone. I'm Irinel-Ramona, Ionut's wife. I'm posting this on his behalf because his GitHub account has been suspended and he has no way to reach you...
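As an added defender-side check (not code from the notice or from the mantine-datatable project), the script below scans a local checkout for the indicators the notice names: the `.github/setup.js` payload runner, any file that invokes it, and commit subjects matching the notice's message. The notice does not say where the runner was injected, so the scan matches the invocation in any file; the sample inputs in the test are constructed.

```python
"""Scan a cloned checkout for the indicators named in the mantine-datatable notice."""
import os
import re

# Indicators taken from the notice; a short check list, not a complete IoC set.
SUSPECT_PATH = ".github/setup.js"
SUSPECT_INVOCATION = re.compile(r"node\s+\.github/setup\.js")
SUSPECT_MESSAGE = "chore: update dependencies [skip ci]"


def scan_files(files):
    """files: mapping of repo-relative path -> text content.
    Returns a list of (path, reason) findings for the two file-level indicators."""
    findings = []
    for path, content in files.items():
        norm = path.replace("\\", "/")
        if norm == SUSPECT_PATH:
            findings.append((norm, "payload runner file present"))
        if SUSPECT_INVOCATION.search(content):
            findings.append((norm, "invokes node .github/setup.js"))
    return findings


def scan_commits(commits):
    """commits: iterable of (author, subject) pairs, e.g. parsed from git log output.
    Returns commits whose subject equals the notice's message; the author is kept for
    triage, since the notice says the commits arrived via the github-actions bot."""
    return [(author, subject) for author, subject in commits
            if subject.strip() == SUSPECT_MESSAGE]


def load_checkout(root):
    """Walk a checkout on disk into the mapping scan_files expects.
    Skips .git and node_modules; unreadable files are ignored."""
    files = {}
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d not in (".git", "node_modules")]
        for name in filenames:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            try:
                with open(full, encoding="utf-8", errors="ignore") as fh:
                    files[rel] = fh.read()
            except OSError:
                continue
    return files
```

Run `scan_files(load_checkout("/path/to/checkout"))` against a clone without opening it in an editor or running its scripts; an empty result for both scans only rules out these specific indicators.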
