URL has been copied successfully!
Supply chain attack on popular GitHub Action exposes CI/CD secrets
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

Supply chain attack on popular GitHub Action exposes CI/CD secrets


Tags: , , ,

A supply chain attack on the widely used ‘tj-actions/changed-files’ GitHub Action, used by 23,000 repositories, potentially allowed threat actors to steal CI/CD secrets from GitHub Actions build logs.

First seen on bleepingcomputer.com

Jump to article: www.bleepingcomputer.com/news/security/supply-chain-attack-on-popular-github-action-exposes-ci-cd-secrets/

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. Top.gg supply chain attack highlights subtle risks
  2. Complex Supply Chain Attack Targets GitHub Developers
  3. Why honeypots deserve a spot in your cybersecurity arsenal
  4. Chinese APT Silk Typhoon exploits IT supply chain weaknesses for initial access