You seem to have a bee in your bonnet about this, please stop submitting - this isn't a GH support forum:<p><i>If you work at GitHub security, you are bad at your job</i> (12 points, 23 hours ago) <a href="https://news.ycombinator.com/item?id=43086058">https://news.ycombinator.com/item?id=43086058</a><p><i>GitHub flooded with malware repos spoofing real projects–no response from GitHub</i> (13 points, 3 days ago) <a href="https://news.ycombinator.com/item?id=43056128">https://news.ycombinator.com/item?id=43056128</a>
As I wrote in this issue, I am exhausted. Microsoft has plenty of money to handle issues like this and chooses not to do so. I have spent hours now reaching out to GitHub in vain, tracking down people affected, and trying to figure out how to get someone to give one single flying fuck.<p>So what the hell. Let’s make the CISO’s slideshow intro to GitHub popular.
Unfortunately, bad actors abuse GitHub more and more. Only last year there were some articles about it: <a href="https://gitprotect.io/devops-threats-unwrapped.html" rel="nofollow">https://gitprotect.io/devops-threats-unwrapped.html</a>