all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Major IT, Crypto Firms Exposed to Supply Chain Compromise via New Class of CI/CD Attack

Add to bookmarks
Jan. 8, 2024, 1:09 p.m. | Ionut Arghire

SecurityWeek RSS Feed www.securityweek.com

Self-hosted GitHub Actions runners could allow attackers to inject malicious code into repositories, leading to supply chain attacks.


The post Major IT, Crypto Firms Exposed to Supply Chain Compromise via New Class of CI/CD Attack  appeared first on SecurityWeek.

actions attack attackers attacks cd ci class code compromise crypto exposed github github actions inject major malicious repositories runners supply supply chain supply chain attacks supply chain compromise supply chain security

Visit resource

More from www.securityweek.com / SecurityWeek RSS Feed

1,400 GitLab Servers Impacted by Exploited Vulnerability an hour ago | www.securityweek.com
attacks cisa critical exploited +8
Russian Hackers Target Industrial Systems in North America, Europe an hour ago | www.securityweek.com
america attacks cisa europe +19
Dropbox Data Breach Impacts Customer Information 5 hours ago | www.securityweek.com
addresses breach breached customer +12
Change Healthcare Cyberattack Was Due to a Lack of Multifactor Authentication, UnitedHealth CEO says 12 hours ago | www.securityweek.com
authentication ceo change change healthcare +12
Deepfake of Principal’s Voice Is the Latest Case of AI Being Used for Harm 12 hours ago | www.securityweek.com
artificial intelligence case celebrities deepfake +6
Oasis Security Raises $35 Million to Tackle Non-Human Identity Management 18 hours ago | www.securityweek.com
accel banks capital cyberstarts +21
Traceable AI Raises $30 Million to Safeguard Cloud APIs 18 hours ago | www.securityweek.com
api apis api security citi ventures +15
Google Boosts Bug Bounty Payouts Tenfold in Mobile App Security Push 21 hours ago | www.securityweek.com
app bounty bug bug bounty +18
Adobe Adds Content Credentials and Firefly to Bug Bounty Program 22 hours ago | www.securityweek.com
adobe adobe firefly application security bounty +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Premium Hub - CoE: Business Process Senior Consultant, SAP Security Role and Authorisations & GRC

@ SAP | Dublin 24, IE, D24WA02
View on infosec-jobs.com

Product Security Response Engineer

@ Intel | CRI - Belen, Heredia
View on infosec-jobs.com

Application Security Architect

@ Uni Systems | Brussels, Brussels, Belgium
View on infosec-jobs.com

Sr Product Security Engineer

@ ServiceNow | Hyderabad, India
View on infosec-jobs.com

Analyst, Cybersecurity & Technology (Initial Application Deadline May 20th, Final Deadline May 31st)

@ FiscalNote | United Kingdom (UK)
View on infosec-jobs.com
View more jobs