all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Google supply chain bug patched in code-testing tool Bazel

Add to bookmarks
Feb. 2, 2024, 11:01 p.m. | Stephen Weigand

SC Magazine feed for Strategy www.scmagazine.com

A GitHub Actions workflow could have been used for a command injection vulnerability in Bazel, which had the potential for threat actors to add malicious code into the production environment for projects using the Google open-source product.

actions bug code command command injection devsecops environment github github actions google injection malicious product production projects supply supply chain testing testing tool third-party-code threat threat actors tool vulnerability

Visit resource

More from www.scmagazine.com / SC Magazine feed for Strategy

How to revamp your cybersecurity in the middle of the chaos 1 day, 1 hour ago | www.scmagazine.com
attackers chaos cybersecurity demands +7
Automated pentesting in the cloud 1 day, 1 hour ago | www.scmagazine.com
automated challenge cloud cloud security +10
Hardware cybersecurity leader, Flexxon, introduces Server Defender 1 day, 1 hour ago | www.scmagazine.com
advanced cybersecurity defender engineering +7
6K-plus AI models may be affected by critical RCE vulnerability 1 day, 3 hours ago | www.scmagazine.com
aiml ai models attacks critical +12
Zscaler annual phishing report finds a near 60% increase in phishing attacks in 2023 1 day, 4 hours ago | www.scmagazine.com
aiml attacks near phishing +4
Unforeseen outcomes of innovation 1 day, 7 hours ago | www.scmagazine.com
aiml digicert digital digital trust +8
CISA official Eric Goldstein to step down next month 1 day, 8 hours ago | www.scmagazine.com
agency assistant cisa critical-infrastructure-security +13
Ten ways to minimize software supply chain risks 1 day, 13 hours ago | www.scmagazine.com
development organizations risks security +9
The enterprise browser: The first win-win-win for CISOs, CIOs and end users 1 day, 23 hours ago | www.scmagazine.com
application security browser browsers cisos +10

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

COMM Penetration Tester (PenTest-2), Chantilly, VA OS&CI Job #368

@ Allen Integrated Solutions | Chantilly, Virginia, United States
View on infosec-jobs.com

Consultant Sécurité SI H/F Gouvernance - Risques - Conformité

@ Hifield | Sèvres, France
View on infosec-jobs.com

Infrastructure Consultant

@ Telefonica Tech | Belfast, United Kingdom
View on infosec-jobs.com