Automated attack abuses GitHub Actions to mine cryptocurrency

GitHub Actions has been abused by attackers to mine cryptocurrency using GitHub’s servers, automatically.The particular attack adds malicious GitHub Actions code to repositories forked from legitimate ones, and further creates a Pull Request for the original repository maintainers to merge the code back, to alter the original code. […] This post appeared first on Bleeping Computer
Author: Ax Sharma