all InfoSec news
Lessons from the Mercedes-Benz GitHub source code leak
Malware Analysis, News and Indicators - Latest topics malware.news
The German automotive giant Mercedes-Benz found itself on the wrong end of a software supply chain incident after RedHunt Labs found a leaked GitHub token belonging to an employee of the carmaker that granted "'unrestricted’ and 'unmonitored'" access to the entirety of source code hosted on Mercedes’ internal GitHub Enterprise Server.
In a post published on Monday, RedHunt Labs said that the exposed token “laid bare sensitive repositories housing a wealth of intellectual property.” That included Mercedes’ “Database Connection …
access automotive code code leak employee end enterprise found german giant github github enterprise server incident internal labs leak leaked mercedes-benz server software software supply chain source code source code leak supply supply chain supply chain incident token wrong