all InfoSec news
Google supply chain bug patched in code-testing tool Bazel
Feb. 2, 2024, 11:01 p.m. | Stephen Weigand
SC Magazine feed for Strategy www.scmagazine.com
A GitHub Actions workflow could have been used for a command injection vulnerability in Bazel, which had the potential for threat actors to add malicious code into the production environment for projects using the Google open-source product.
actions bug code command command injection devsecops environment github github actions google injection malicious product production projects supply supply chain testing testing tool third-party-code threat threat actors tool vulnerability
More from www.scmagazine.com / SC Magazine feed for Strategy
Automated pentesting in the cloud
1 day, 1 hour ago |
www.scmagazine.com
Unforeseen outcomes of innovation
1 day, 7 hours ago |
www.scmagazine.com
Ten ways to minimize software supply chain risks
1 day, 13 hours ago |
www.scmagazine.com
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
COMM Penetration Tester (PenTest-2), Chantilly, VA OS&CI Job #368
@ Allen Integrated Solutions | Chantilly, Virginia, United States
Consultant Sécurité SI H/F Gouvernance - Risques - Conformité
@ Hifield | Sèvres, France
Infrastructure Consultant
@ Telefonica Tech | Belfast, United Kingdom