this post was submitted on 03 Feb 2025
122 points (91.2% liked)

Technology

61548 readers
4178 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
122
Hacked pipelines defaced Microsoft's WSL repository with pro-Palestine messages (github.com)
submitted 2 days ago by chobeat@lemmy.ml to c/technology@lemmy.world
11 comments fedilink hide all child comments
top 11 comments
sorted by: hot top controversial new old
[–] azron@lemmy.ml 17 points 2 days ago (2 children)

Hacked pipeline? These are just pull requests anyone can submit them.

[–] itsathursday@lemmy.world 35 points 2 days ago (1 children)

They are authentic commits and PRs by real contributors that have been edited and renamed with the PR description changed.

[–] azron@lemmy.ml 6 points 2 days ago (1 children)

Oh that is mildly interesting, my mistake. So the actual commits didn't change but the pull requests are made to look like they are something else.

[–] r00ty@kbin.life 3 points 2 days ago

I think the top one might be the culprit. But it might be the guy's account was hacked?

On his repo he has a fork of WSL and the repo is called "free-palestine", he tried to merge the branch "freedom". So that PR seems likely to be linked to this. Other than this, activity seems normal for a terminal githubber with 444 repos...

[–] BlackEco@lemmy.blackeco.com 9 points 2 days ago* (last edited 2 days ago)

If you watch the PRs history, you can see that the user github-actions edited them. This user is the default one when a GitHub Action (the pipeline OP refers to) alters the repo. So someone probably submitted a pull request abusing the GitHub token when the Action ran on their PR.

[–] itsathursday@lemmy.world 7 points 2 days ago* (last edited 2 days ago)

Thank you for your contribution to WSL.

No fatal errors have been found.

No suggestions have been found.

[–] amino@lemmy.blahaj.zone 5 points 2 days ago

based

[–] Zenlix@lemm.ee 3 points 2 days ago (2 children)

How can such thing happen? Was an account hacked that had the permissions?

[–] BlackEco@lemmy.blackeco.com 3 points 2 days ago

Most likely someone submitted a pull request that abused the GitHub token of the Action running on new PRs in order to edit all the other pull requests.

[–] chobeat@lemmy.ml -4 points 2 days ago

It could also be an inside job. Anti-genocide resistance within Microsoft is quite strong and active.

[–] imnapr@discuss.tchncs.de 1 points 2 days ago

based