Open Cybersecurity-Specialist opened 1 year ago
Hi Github,
Can you provide any recent information? We attempted to seek assistance from your support team via email and tried reaching out to the repository owner through mahantasupriyo@gmail.com, but we are still awaiting responses. We hope to get your answer and action soon.
Best regards,
iZOOlabs Security Response
Global Security Operations Centre +44 20 3734 2726 izoolabs@izoologic.com www.izoologic.com
Dear Admin/Repo Owner,
I am writing to you on behalf of Paytm Payments Bank regarding an issue filed on the Paytm-gateway repository via GitHub. While we have already reported the issue through the appropriate channels on GitHub, we wanted to bring it to your attention in case you have not received a notification.
Upon reviewing the repository, we noticed a script that has a vague potential of attacking Paytm Payments Bank. While we understand that this may not be the intention behind the code, it is essential to ensure that the repository does not raise any security concerns or inadvertently facilitate harmful activities.
Involved repo: https://github.com/Pratyush-Ranjan/Paytm-gateway
Considering the sensitive nature of potential security threats, we kindly request that you take ANY of the following actions:
a. Remove the script in question: We recommend removing the code to eliminate any ambiguity regarding its intentions and mitigate any associated risks.
b. Set the repository to private: Alternatively, if the script is integral to the project or you believe it provides educational value, we suggest making the repository private. This way, the code will not be publicly accessible; only authorized individuals can view and use it.
c. Add a comment clarifying the script's purpose: If you believe that the script serves an educational purpose and should remain public, we request that you add a prominent comment stating that the code is not intended for attacking purposes. This will provide a clear explanation for GitHub users across the repository and alleviate concerns.
We understand that maintaining repositories can be challenging, and we do not intend to impose restrictions on your work. However, taking the necessary precautions regarding potential security issues is crucial for maintaining a safe and reliable environment for developers on GitHub.
Thank you for your attention to this matter. We appreciate your prompt action and cooperation. If you require any further information or assistance, please do not hesitate to contact us.
We look forward to your positive response.
Best regards,
iZOOlabs Security Response
Global Security Operations Centre +44 20 3734 2726 izoolabs@izoologic.com www.izoologic.com