serisec

Supply chain attack on popular GitHub Action exposes CI/CD secrets

Supply chain attack on popular GitHub Action exposes CI/CD secrets










A supply chain attack on the widely used ‘tj-actions/changed-files’ GitHub Action, used by 23,000 repositories, potentially allowed threat actors to steal CI/CD secrets from GitHub Actions build logs. […]






Bill Toulas





Go to bleepingcomputer




Posted

in

,

by

leeanne

Tags: