Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Caute_cautim
Community Champion
‎08-19-2024 05:09 PM
‎08-19-2024 05:09 PM

GitHub Attack Vector Cracks Open Google, Microsoft, AWS Projects

Hi All

 

Cloud services and thus millions of end users who access them could have been affected by the poisoning of artifacts in the development workflow of open source projects.

 

Researchers have uncovered an attack vector that affected GitHub open source projects owned by Google, Microsoft, Amazon Web Services, and others, executed by abusing artifacts generated as part of software-development workflows.

Researchers at Palo Alto Networks' Unit 42 discovered the attack, which was effective against "high-profile open source projects owned by the biggest companies in the world," according to a blog post published by lead researcher Yaron Avital yesterday. Compromise of those projects, then, "could have led to a potential impact on millions of their consumers."

 

https://www.darkreading.com/cloud-security/github-attack-vector-google-microsoft-aws-projects

 

Regards

 

Caute_Cautim

 

 

Reply
0 Kudos
0 Replies