all InfoSec news
Google supply chain bug patched in code-testing tool Bazel
Feb. 2, 2024, 11:01 p.m. | Stephen Weigand
SC Magazine feed for Strategy www.scmagazine.com
A GitHub Actions workflow could have been used for a command injection vulnerability in Bazel, which had the potential for threat actors to add malicious code into the production environment for projects using the Google open-source product.
actions bug code command command injection devsecops environment github github actions google injection malicious product production projects supply supply chain testing testing tool third-party-code threat threat actors tool vulnerability
More from www.scmagazine.com / SC Magazine feed for Strategy
Securing Backups - SWN Vault
1 day, 13 hours ago |
www.scmagazine.com
Five elements of proactive patching
1 day, 18 hours ago |
www.scmagazine.com
Alleged Russian cybercriminal faces US fraud charges
2 days, 14 hours ago |
www.scmagazine.com
House committee OKs independent Cyber Force
2 days, 14 hours ago |
www.scmagazine.com
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Corporate Intern - Information Security (Year Round)
@ Associated Bank | US WI Remote
Senior Offensive Security Engineer
@ CoStar Group | US-DC Washington, DC