Fran Donoso
LightNews LightNews
francisck.com
Fran Donoso
@francisck.com
460 followers 180 following 150 posts
I'm an infosec person who currently works as the CTO of a security services firm. Have done DevSecOps, Red Teaming, and reverse engineering. I reversed some of the tooling leaked by the Shadow Brokers and spoke about it publicly
Posts Replies Media Videos
francisck.com
I may have gone overboard on the Halloween goodies this year

#halloween
6 boxes of full sized candy bars, tiny stuffed Halloween themed toys, and hot wheels.
November 1, 2025 at 2:34 AM
francisck.com
Okay 3rd (and last post) someone in the linked GitHub issue noticed that all of the tags in the project have been pointed to the malicious commit.

The malicious commit was made by a "renovate" bot - perhaps its creds were compromised?

3/2

github.com/tj-actions/c...
March 15, 2025 at 3:10 AM
francisck.com
Image referenced above is attached to this post.

The GitHub action ultimately outputs a double base64 encoded value that is the secrets it was able to extract.

See the second image for what this output looks like in Github action logs (I blacked out some of the output).

2/2
March 15, 2025 at 3:08 AM
francisck.com
The judge: Why was your cat already wearing a hacker hoodie?!?
October 11, 2023 at 4:31 AM
francisck.com
Search for drinks in you camera roll
Fondue and someone grabbing bread with a bottle of wine in the background A bottle of wine with mountains in the background
October 6, 2023 at 2:35 PM