Xygeni GitHub Action Compromised Via Tag Poison

Attackers operated an active C2 implant for up to a week and compromised AppSec vendor Xygeni’s xygeni/xygeni-action in that time.