GitHub actions disabled due to malicious PR #26606
-
I very recently received a malicious PR that looks like a cryptocurrency miner abuse. At first, I only closed the issue not knowing that the actions in the malicious PR would run. After realising that the malicious action was running despite the PR being closed, I’ve cancelled it and change the action policy to “Allow local action only” but now actions are disabled for my account. How can I enable actions again for my account? |
Beta Was this translation helpful? Give feedback.
Replies: 3 comments
-
I’d contact GitHub support at https://support.github.com/contact and talk to them about this. |
Beta Was this translation helpful? Give feedback.
-
Those who’re here because of the miner’s attacks, here’s my approach:
|
Beta Was this translation helpful? Give feedback.
-
Thanks for your answers. I’ve contacted GitHub support. In my case, I’ve also limited the PR for new accounts since I’ve had another similar PR, a few hours later, from another throwaway account. |
Beta Was this translation helpful? Give feedback.
I’d contact GitHub support at https://support.github.com/contact and talk to them about this.