Published On Jul 26, 2024
Why is no one talking about this?
Sources:
https://trufflesecurity.com/blog/anyo...
https://trufflesecurity.com/blog/secr...
https://github.com/yt-dlp/yt-dlp/comm...
https://www.gharchive.org/
https://github.com/security
Algo spam (just the transcription of the video intro):
If you thought your private GitHub repositories were safe from prying eyes, think again.
This blog post caught my attention today, and I'm kind of surprised that no one's talking
about it because this seems like a big deal.
Anyone can access deleted and private repository data on GitHub.
Specifically, you can access data from deleted forks, deleted repositories, and even private
repositories on GitHub, and it's available forever.
This is known by GitHub and intentionally designed that way.
That's right, this is a feature, not a bug.
