Sept. 17, 2023, 12:42 a.m. | DEFCONConference


GitHub is the most popular platform for hosting open source projects; therefore, the popularity of its CI/CD platform, GitHub Actions, is rising, which makes it an attractive target for attackers.

In this talk I’ll show you how an attacker can take advantage of the Custom GitHub Actions ecosystem by infecting one Action to spread malicious code to other Actions and projects, with a demo of a POC worm.

We will start by exploring the ways in which Actions …
