A recent discovery has revealed a potential supply chain attack vulnerability in GitHub’s CodeQL repositories, which could have led to wide-ranging consequences for hundreds of thousands of GitHub users. The exploit hinges on a publicly exposed secret found in a GitHub Actions workflow artifact, which, if utilized by an attacker, could allow malicious code execution […]
The post CodeQLEAKED: GitHub Supply Chain Attack Enables Code Execution via CodeQL Repositories appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform