https://github.com/frenchfounder / hypercommit[.]com looks suspiciously like a supply chain attacker, trying to get around the fact that workflows are only disabled for first time contributors [1]

Either this, or they're just spamming hundreds and hundreds of repos

They've no prior contributing history to anything, and all their profiles/etc are blank. One to watch out for given all the attacks against #github #repos at the moment

#threatIntel #threatIntelligence #OSInt #hyperCommit

[1] https://github.blog/changelog/2021-04-22-github-actions-maintainers-must-approve-first-time-contributor-workflow-runs/