Disaster recovery using the GitHub Events API

Last sunday, an unknown individual compromised the libretro project. First, the attacker hijacked and wiped the project’s buildbot server. After gaining access to the server, he took over a GitHub account of a highly ranked member of the libretro team. Using this account, the attacker destroyed multiple repositories managed by the libretro organization by force-pushing a blank initial commit into each affected repository.

Such attacks are not exactly uncommon and happened multiple times before. At first glance, force-pushing an empty commit into a repository means that any data stored in this repository is lost.

Read More “Disaster recovery using the GitHub Events API”