Cyber Security in Ci CD

GitHub suffers a cascading supply chain attack compromising CI/CD secrets

CISA confirms cascading attack from reviewdog to tj-actions exposed sensitive credentials across 23,000+ repositories.

16d

Supply chain attack against GitHub Action triggers massive exposure of secrets

Security researchers are warning of a supply chain attack against tj-actions/changed-files GitHub Action, which is used in more than 23,000 repositories. A malicious commit was detected early Friday, ...

Bleeping Computer15d

GitHub Action hack likely led to another in cascading supply chain attack

The cybersecurity firm reports that the attackers first compromised the v1 tag for the reviewdog/action-setup GitHub action and injected similar code to dump CI/CD secrets to log files.

Some results have been hidden because they may be inaccessible to you

Show inaccessible results

Trending now