|
| 1 | +**Are you the copyright holder or authorized to act on the copyright owner's behalf? If you are submitting this notice on behalf of a company, please be sure to use an email address on the company's domain. If you use a personal email address for a notice submitted on behalf of a company, we may not be able to process it.** |
| 2 | + |
| 3 | +Yes, I am authorized to act on the copyright owner's behalf. |
| 4 | + |
| 5 | +**Are you submitting a revised DMCA notice after GitHub Trust & Safety requested you make changes to your original notice?** |
| 6 | + |
| 7 | +No |
| 8 | + |
| 9 | +**Does your claim involve content on GitHub or npm.js?** |
| 10 | + |
| 11 | +GitHub |
| 12 | + |
| 13 | +**Please describe the nature of your copyright ownership or authorization to act on the owner's behalf.** |
| 14 | + |
| 15 | +I am an authorized representative of Eight CM Limited and its operating subsidiary Juno Markets, the sole owner of the source code, configuration files, and associated proprietary materials contained in the repositories under the [private] [private] organization. The code was authored by employees and authorized contractors of Eight CM Limited as work-for-hire. I have authority to act on behalf of the company in matters of copyright enforcement. |
| 16 | + |
| 17 | +**Please provide a detailed description of the original copyrighted work that has allegedly been infringed.** |
| 18 | + |
| 19 | +The infringing repository contains a wholesale, unauthorized copy of more than 40 private source-code repositories belonging to the [private] [private] organization. These include proprietary backend services ([private], and many others), proprietary frontend applications ([private], and others), and a private configuration repository ([private]) containing internal credentials. All of these repositories are private and access-controlled within the [private] organization. The code was authored as work-for-hire by Eight CM Limited employees and contractors between 2023 and 2026 and has never been licensed, published, or otherwise authorized for public release. |
| 20 | + |
| 21 | +The infringing repository was created at https://github.com/Xlolololxxxx/juno on 2026-05-10 at 00:46:50 UTC by an anonymous GitHub account, after a compromised Personal Access Token belonging to an authorized employee of Eight CM Limited was used to clone these private repositories without authorization between 2026-05-08 and 2026-05-10. The unauthorized publication was discovered on 2026-05-12. |
| 22 | + |
| 23 | +**If the original work referenced above is available online, please provide a URL.** |
| 24 | + |
| 25 | +The original copyrighted work is hosted in private repositories under [private] — access requires authorized membership in the [private] [private] organization. Specific original-source URLs (all private) include: |
| 26 | + |
| 27 | +[private] |
| 28 | +[private] |
| 29 | +[private] |
| 30 | +[private] |
| 31 | +[private] |
| 32 | +[private] |
| 33 | +[private] |
| 34 | +[private] |
| 35 | +[private] |
| 36 | +[private] |
| 37 | +[private] |
| 38 | +[private] |
| 39 | +[private] |
| 40 | +[private] |
| 41 | +[private] |
| 42 | + |
| 43 | +GitHub [private] can verify ownership by examining the parallel private repositories within the [private] organization, which contain the identical source code and pre-date the infringing repository. |
| 44 | + |
| 45 | +**We ask that a DMCA takedown notice list every specific file in the repository that is infringing, unless the entire contents of the repository are infringing on your copyright. Please clearly state that the entire repository is infringing, OR provide the specific files within the repository you would like removed.** |
| 46 | + |
| 47 | +**Based on the above, I confirm that:** |
| 48 | + |
| 49 | +The entire repository is infringing |
| 50 | + |
| 51 | +**Identify the full repository URL that is infringing:** |
| 52 | + |
| 53 | +https://github.com/Xlolololxxxx/juno |
| 54 | + |
| 55 | +**Do you claim to have any technological measures in place to control access to your copyrighted content? Please see our <a href="https://docs.github.com/articles/guide-to-submitting-a-dmca-takedown-notice#complaints-about-anti-circumvention-technology">Complaints about Anti-Circumvention Technology</a> if you are unsure.** |
| 56 | + |
| 57 | +No |
| 58 | + |
| 59 | +**If you are reporting an allegedly infringing fork, please note that each fork is a distinct repository and <i>must be identified separately</i>. Please read more about <a href="https://docs.github.com/articles/dmca-takedown-policy#b-what-about-forks-or-whats-a-fork">forks.</a> As forks may often contain different material than in the parent repository, if you believe any of the repositories or files in the forks are infringing, please list each fork URL below:** |
| 60 | + |
| 61 | +**Is the work licensed under an open source license?** |
| 62 | + |
| 63 | +No |
| 64 | + |
| 65 | +**What would be the best solution for the alleged infringement?** |
| 66 | + |
| 67 | +Reported content must be removed |
| 68 | + |
| 69 | +**Do you have the alleged infringer’s contact information? If so, please provide it.** |
| 70 | + |
| 71 | +The infringing user account Xlolololxxxx (GitHub user ID [private], account created 2024-05-09) has no public email, name, blog, or location on its GitHub profile. We do not have any contact information for the infringer. The account appears to be anonymous and is associated with multiple repositories containing security-research and offensive-security tooling. |
| 72 | + |
| 73 | +**I have a good faith belief that use of the copyrighted materials described above on the infringing web pages is not authorized by the copyright owner, or its agent, or the law.** |
| 74 | + |
| 75 | +**I have taken <a href="https://www.lumendatabase.org/topics/22">fair use</a> into consideration.** |
| 76 | + |
| 77 | +**I swear, under penalty of perjury, that the information in this notification is accurate and that I am the copyright owner, or am authorized to act on behalf of the owner, of an exclusive right that is allegedly infringed.** |
| 78 | + |
| 79 | +**I have read and understand GitHub's <a href="https://docs.github.com/articles/guide-to-submitting-a-dmca-takedown-notice/">Guide to Submitting a DMCA Takedown Notice</a>.** |
| 80 | + |
| 81 | +**So that we can get back to you, please provide either your telephone number or physical address.** |
| 82 | + |
| 83 | +[private] |
| 84 | + |
| 85 | +**Please type your full name for your signature.** |
| 86 | + |
| 87 | +[private] |
0 commit comments