-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
Because it was so blatant, so entirely conspicuous, and so obviously a case of assumed identity, it was immediately reverted by the volunteers who watch over that repository. But then, the faux Nikita Popov reverted that revert commit, reintroducing the zerodium block.
In 2015, Nikita Andreevich Skovoroda, a member of the Node.js Technical Steering Committee, performed a scan on GitHub search and npm. Afterwards, he was able to obtain over 100 passwords and nearly 200 tokens for accounts associated with a number of frequently installed packages.
The project then further updated the community that it no longer considered git.php.net to be the source of the event. Rather they suspected that the cause was a leak of the user database for master.php.net in combination with insecurely stored passwords that supported HTTPS authentication on commits. Subsequently, the project removed HTTPS auth, reset all php.net passwords, and updated the vulnerable server and moved it to a new home on main.php.net.
In January of 2021, the security firm Qualys announced that, sticking to sudo's default configuration, it was possible for an unprivileged user to gain root privileges on any host by exploiting a commit introduced nearly ten years earlier. This was huge. Any computer or server that contained sudo could be completely taken over by a malicious user, who could then delete data or modify software for subsequent attacks.