Now, with the help of AI, it’s even easier to waste time of open source developers by creating fake security vulnerability reports.

  • Badabinski@kbin.earth
    link
    fedilink
    arrow-up
    15
    ·
    12 days ago

    Man, why would you do this type of shit with a username that’s easily linked back to your real name and business ventures? I found this person’s GitHub profile, LinkedIn page, current employer, and a link to some sort of startup business page just by doing a simple search for their very public username: https://webug.xyz

    Several people over at Hackernews have posted this same info because security people are curious. It’s just baffling to me. If you’re going to be a scumbag, you should at least try to distance yourself from it.

    (also, wtf is that page of AI slop even trying so say? What the fuck is any of that for?)

    • Kissaki@programming.dev
      link
      fedilink
      English
      arrow-up
      1
      ·
      10 days ago

      If it were a successful report they’d want the attribution, recognition, and publicity.

      They didn’t see the bad they were doing. I wonder if they see it now. Given their response, I doubt it.

    • 0x0@programming.dev
      link
      fedilink
      arrow-up
      1
      arrow-down
      1
      ·
      11 days ago

      If you’re going to be a scumbag, you should at least try to distance yourself from it.

      Guess you’d have to be a smart scumbag too…