all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Major IT, Crypto Firms Exposed to Supply Chain Compromise via New Class of CI/CD Attack

Add to bookmarks
Jan. 8, 2024, 1:09 p.m. | Ionut Arghire

SecurityWeek RSS Feed www.securityweek.com

Self-hosted GitHub Actions runners could allow attackers to inject malicious code into repositories, leading to supply chain attacks.


The post Major IT, Crypto Firms Exposed to Supply Chain Compromise via New Class of CI/CD Attack  appeared first on SecurityWeek.

actions attack attackers attacks cd ci class code compromise crypto exposed github github actions inject major malicious repositories runners supply supply chain supply chain attacks supply chain compromise supply chain security

Visit resource

More from www.securityweek.com / SecurityWeek RSS Feed

In Other News: Apple WPS Surveillance, Canadian Gov Wants Backdoors, NIST AI Program 1 day, 17 hours ago | www.securityweek.com
apple backdoors can canadian +12
Information of Hundreds of European Politicians Found on Dark Web 1 day, 18 hours ago | www.securityweek.com
addresses british dark dark web +7
Mysterious Threat Actor Used Chalubo Malware to Brick 600,000 Routers 1 day, 19 hours ago | www.securityweek.com
actor botnet brick bricked +10
CISA Warns of Exploited Linux Kernel Vulnerability 1 day, 19 hours ago | www.securityweek.com
cisa cisa kev cve cve-2024 +13
OpenAI’s Altman Sidesteps Questions About Governance, Johansson at UN AI Summit 1 day, 19 hours ago | www.securityweek.com
ai summit artificial intelligence board board members +9
Hackers Boast Ticketmaster Breach on Relaunched BreachForums 1 day, 20 hours ago | www.securityweek.com
breach breachforums data data breach +8
BBC Data Breach Impacts 25,000 Employees 1 day, 21 hours ago | www.securityweek.com
bbc breach current data +5
Cloudflare Expands Zero Trust Capabilities with Acquisition of BastionZero 2 days, 12 hours ago | www.securityweek.com
access acquisition bastionzero bolster +19
Microsoft’s Windows Recall: Cutting-Edge Search Tech or Creepy Overreach? 2 days, 13 hours ago | www.securityweek.com
ai apps artificial intelligence bots +22

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com