Lessons from the Mercedes-Benz GitHub source code leak
ReversingLabs Blog blog.reversinglabs.com
The German automotive giant Mercedes-Benz found itself on the wrong end of a software supply chain incident after RedHunt Labs found a leaked GitHub token belonging to an employee of the carmaker. The token granted "unrestricted" and "unmonitored" access to the entirety of the source code hosted on Mercedes' internal GitHub Enterprise Server.