all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Lessons from the Mercedes-Benz GitHub source code leak

Add to bookmarks
Feb. 1, 2024, 1 p.m. | paul.roberts@reversinglabs.com (Paul Roberts)

ReversingLabs Blog blog.reversinglabs.com





The German automotive giant Mercedes-Benz found itself on the wrong end of a software supply chain incident after RedHunt Labs found a leaked GitHub token belonging to an employee of the carmaker that granted "'unrestricted’ and 'unmonitored'" access to the entirety of source code hosted on Mercedes’ internal GitHub Enterprise Server. 

access appsec & supply chain security automotive code code leak employee end enterprise found german giant github github enterprise server incident internal labs leak leaked mercedes-benz server software software supply chain source code source code leak supply supply chain supply chain incident token wrong

Visit resource

More from blog.reversinglabs.com / ReversingLabs Blog

Verizon 2024 DBIR: Software supply chain risks fuel a data breach epidemic 2 days, 14 hours ago | blog.reversinglabs.com
alarm appsec & supply chain security breach breaches +25
What’s hot at RSAC 2024: 8 SSCS talks you don’t want to miss 3 days, 13 hours ago | blog.reversinglabs.com
appsec & supply chain security cisos development don +16
How SOC analysts and threat hunters can expose malware undetected by EDR 4 days, 15 hours ago | blog.reversinglabs.com
analysts can corporate don +16
Introducing the Unified RL Spectra Suite 4 days, 15 hours ago | blog.reversinglabs.com
always on appsec & supply chain security change criminals +15
Announcing the General Availability of Spectra Detect v5.0: Enhancing File Analysis for Advanced Threat Detection 4 days, 15 hours ago | blog.reversinglabs.com
advanced advanced threat advanced threat detection analysis +23
Announcing the General Availability of TitaniumScale v5.0: Enhancing File Analysis for Advanced Threat Detection 1 week, 1 day ago | blog.reversinglabs.com
advanced advanced threat advanced threat detection analysis +23
How NIST CSF 2.0 and C-SCRM help manage software supply chain risk 1 week, 2 days ago | blog.reversinglabs.com
appsec & supply chain security businesses critical critical infrastructure +29
What’s hot at RSAC 2024: 7 must-see talks for security operations teams 1 week, 3 days ago | blog.reversinglabs.com
conference filter flood francisco +21
NVD delays highlight vulnerability management woes: Put malware first 1 week, 4 days ago | blog.reversinglabs.com
appsec & supply chain security attention change current +16

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Technical Senior Manager, SecOps | Remote US

@ Coalfire | United States
View on infosec-jobs.com

Global Cybersecurity Governance Analyst

@ UL Solutions | United States
View on infosec-jobs.com

Security Engineer II, AWS Offensive Security

@ Amazon.com | US, WA, Virtual Location - Washington
View on infosec-jobs.com

Senior Cyber Threat Intelligence Analyst

@ Sainsbury's | Coventry, West Midlands, United Kingdom
View on infosec-jobs.com

Embedded Global Intelligence and Threat Monitoring Analyst

@ Sibylline Ltd | Austin, Texas, United States
View on infosec-jobs.com

Senior Security Engineer

@ Curai Health | Remote
View on infosec-jobs.com
View more jobs