frontpage.

A shady GitHub repo from this account Retro-007 (https://github.com/Retro-007) appeared with a bizarre Shai-Hulud-like description, matching the odd random-repo pattern we saw during the “Second Coming” attack. Even weirder, the repo has a commit by Linus Torvalds (https://github.com/Retro-007/shopbook/commit/99c9ba5e78437ffeea99355439d6d04d470a8eda) that looks at a glance like his account was hacked.

This pattern can be seen in dozens of other repos with the description "F*K Guillermo, F*K VERCEL --multi"

But, in fact, the commit is forged Git metadata, a known trick where an attacker can fake any GitHub user without having access to the real one, the same ecosystem weakness behind the Shai-Hulud attacks.

I've written about the start of these weird encounters in the past week till now on this in https://sitezwin.com/posts/2025-11-29-sha-hulud-the-second-coming-encouter

Why do companies lie about uptime?

Smuggled North Korean phones reveal a dark reality

Favourite influencer hasn't got a dozen dachshund dogs. It's just AI

Room temperature carbon capture in graphene

Underground AI models promise to be hackers 'cyber pentesting waifu'

Show HN: Traffic, funding rounds, and chai – Bangalore startup life as a game

What to Do When Creating Your CodeQL Database Fails – and How to Report the Per

Show HN: Lightweight macOS menu bar Pomodoro Timer

The Biggest Causes of Medical Device Recalls

Tell HN: Telegram App iOS Woes

U.S. peace plan for Ukraine formulated months ago by Kremlin operative

Show HN: Self-hosted RAG for docs and code (FastAPI, Docling, ChromaDB)

MasonEffect – Particle-based text morphing library (now supports Svelte)

Taking Jaggedness Seriously

It Is Possible to Spend Too Much on AI

The Battle over Africa's Great Untapped Resource: IP Addresses

Is Linus Torvalds GitHub Account Hacked?

Statin-independent association between low LDL and risk of T2 diabetes

(2018) How I created a database of all interesting Rush Hour configurations

Moodfx v1.0 IS LIVEAs a 19yo I think I just killed every $200/mo AI suite

Riding the autism bicycle to retraction town

A brief history of NSA backdoors. (2013)

Soul Over AI – list of AI generated bands

Show HN: Slash commands to enforce collaborative AI workflows (Cursor/Claude)

A new look at an old dog: Bonn-Oberkassel reconsidered

What Happens When Everyone Lives in Their Own Digital Reality?

Show HN: Bookmark Bar – Browser Hub (Open Any Bookmark in Any Browser on macOS)

Chainalysis Successful Deanonymization Attack on Monero

The CRDT Dictionary: A Field Guide to Conflict-Free Replicated Data Types

You probably shouldn't block AI bots from your website

Is Linus Torvalds GitHub Account Hacked?

Comments

Why do companies lie about uptime?

Smuggled North Korean phones reveal a dark reality

Favourite influencer hasn't got a dozen dachshund dogs. It's just AI

Room temperature carbon capture in graphene

Underground AI models promise to be hackers 'cyber pentesting waifu'

Show HN: Traffic, funding rounds, and chai – Bangalore startup life as a game

What to Do When Creating Your CodeQL Database Fails – and How to Report the Per

Show HN: Lightweight macOS menu bar Pomodoro Timer

The Biggest Causes of Medical Device Recalls

Tell HN: Telegram App iOS Woes

U.S. peace plan for Ukraine formulated months ago by Kremlin operative

Show HN: Self-hosted RAG for docs and code (FastAPI, Docling, ChromaDB)

MasonEffect – Particle-based text morphing library (now supports Svelte)

Taking Jaggedness Seriously

It Is Possible to Spend Too Much on AI

The Battle over Africa's Great Untapped Resource: IP Addresses

Is Linus Torvalds GitHub Account Hacked?

Statin-independent association between low LDL and risk of T2 diabetes

(2018) How I created a database of all interesting Rush Hour configurations

Moodfx v1.0 IS LIVEAs a 19yo I think I just killed every $200/mo AI suite

Riding the autism bicycle to retraction town

A brief history of NSA backdoors. (2013)

Soul Over AI – list of AI generated bands

Show HN: Slash commands to enforce collaborative AI workflows (Cursor/Claude)

A new look at an old dog: Bonn-Oberkassel reconsidered

What Happens When Everyone Lives in Their Own Digital Reality?

Show HN: Bookmark Bar – Browser Hub (Open Any Bookmark in Any Browser on macOS)

Chainalysis Successful Deanonymization Attack on Monero

The CRDT Dictionary: A Field Guide to Conflict-Free Replicated Data Types

You probably shouldn't block AI bots from your website