
“johnyj12345” exposing self-hosted Gitlab's secrets to the public - ferruck
https://blog.philipp-trommler.me/posts/2020/07/13/security-possible-gitlab-hack-johnyj12345/
======
ferruck
It seems like a user named "johnyj12345" is making it's rounds on self-hosted
Gitlab instances since Saturday, exposing server secrets to the public by
creating issues containing Gitlab's `secrets.yml` file. Better check your
instance!

