cascading

  • Blog
    digitpatrox10 hours ago
    7

    GitHub Action hack likely led to another in cascading supply chain attack

    A cascading supply chain attack that began with the compromise of the “reviewdog/action-setup@v1” GitHub Action is believed to have led to the recent breach of “tj-actions/changed-files” that leaked CI/CD secrets. Last week, a supply chain attack on the tj-actions/changed-files GitHub Action caused malicious code to write CI/CD secrets to the workflow logs for 23,000 repositories. If those logs had been…

    Read More »
Back to top button
close