A recent discovery has revealed a potential supply chain attack vulnerability in GitHub’s CodeQL repositories, which could have led to wide-ranging consequences for hundreds of thousands of GitHub users. The exploit hinges on a publicly exposed secret found in a GitHub Actions workflow artifact, which, if utilized by an attacker, could allow malicious code execution […] The post CodeQLEAKED: GitHub Supply Chain Attack Enables Code Execution via CodeQL Repositories appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/codeqleaked-github-supply-chain-attack/
