#cicdcredentials — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #cicdcredentials, aggregated by home.social.
-
GitHub Actions Supply Chain Attack Exfiltrates CI/CD Credentials
A sneaky supply chain attack on GitHub Actions has led to the theft of CI/CD credentials, with hackers using a clever trick to redirect tags to fake commits that hide malicious code. By masquerading as legitimate commits, attackers were able to execute arbitrary code and evade pull request reviews.
#SupplyChainAttack #GithubActions #CicdCredentials #ImposterCommits #EmergingThreats