Millions of GitHub repositories are potentially vulnerable to RepoJacking, which if exploited may lead to code execution on environments

  • LeberechtReinhold@kbin.social
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    I never thought that old organization names became available on Github. After a merge makes sense to keep them locked again or pass ownership to the new owner, not let anyone create that under the old name.

    Is there a particular use case it works this way?

    That said I doubt this affects millions of orgs, are organization renames that common?