all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Google supply chain bug patched in code-testing tool Bazel

Add to bookmarks
Feb. 2, 2024, 11:01 p.m. | Stephen Weigand

SC Magazine feed for Strategy www.scmagazine.com

A GitHub Actions workflow could have been used for a command injection vulnerability in Bazel, which had the potential for threat actors to add malicious code into the production environment for projects using the Google open-source product.

actions bug code command command injection devsecops environment github github actions google injection malicious product production projects supply supply chain testing testing tool third-party-code threat threat actors tool vulnerability

Visit resource

More from www.scmagazine.com / SC Magazine feed for Strategy

Nearly 6M WordPress sites may be affected by bugs in 3 plug-ins 1 day, 10 hours ago | www.scmagazine.com
api security application security attacks bugs +10
Securing Backups - SWN Vault 1 day, 13 hours ago | www.scmagazine.com
backups securing security-strategy-plan-budget vault
Five elements of proactive patching 1 day, 18 hours ago | www.scmagazine.com
devsecops industry open source patchconfiguration-management +4
Alleged Russian cybercriminal faces US fraud charges 2 days, 14 hours ago | www.scmagazine.com
access access broker bleepingcomputer broker +26
New Army Cyber Command tool leveraged by Defense Department in achieving federal AI goals 2 days, 14 hours ago | www.scmagazine.com
aiml army artificial artificial intelligence +24
House committee OKs independent Cyber Force 2 days, 14 hours ago | www.scmagazine.com
authorization bill cyber cybersecurity +14
US facing unprecedented foreign influence threats, ex-official says 2 days, 14 hours ago | www.scmagazine.com
aiml artificial artificial intelligence china +23
Improved biometric security sought by new FIDO Alliance certification 2 days, 15 hours ago | www.scmagazine.com
aiml alliance authentication bias +19
Data-level ransomware prevention aimed by novel Cigent platform 2 days, 15 hours ago | www.scmagazine.com
cigent compromise data data encryption +15

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com