all InfoSec news
Google supply chain bug patched in code-testing tool Bazel
Malware Analysis, News and Indicators - Latest topics malware.news
A GitHub Actions workflow could have been used for a command injection vulnerability in Bazel, which had the potential for threat actors to add malicious code into the production environment for projects using the Google open-source product.
Article Link: Google supply chain bug patched in code-testing tool Bazel | SC Media
1 post - 1 participant
actions article bug code command command injection environment github github actions google injection link malicious media product production projects supply supply chain testing testing tool threat threat actors tool vulnerability