Over 23,000 Code Repositories at Risk After Malicious Code Added to GitHub Action. Attackers subverted a widely used tool for software development environment GitHub, potentially allowing them to steal secrets from thousands of private code repositories as well as compromise other, widely used open source libraries, binaries and artifacts that use the tool, experts warned.
First seen on govinfosecurity.com
Jump to article: www.govinfosecurity.com/supply-chain-attack-targets-github-repositories-secrets-a-27737
