PhilipTheBucket@ponder.cat to Cybersecurity@sh.itjust.worksEnglish · 4 days agoGitHub supply chain attack spills secrets from 23K projectsgo.theregister.comexternal-linkmessage-square6fedilinkarrow-up137arrow-down12
arrow-up135arrow-down1external-linkGitHub supply chain attack spills secrets from 23K projectsgo.theregister.comPhilipTheBucket@ponder.cat to Cybersecurity@sh.itjust.worksEnglish · 4 days agomessage-square6fedilink
minus-squarezero_spelled_with_an_eckslinkfedilinkEnglisharrow-up4·3 days agoAnybody that got bit by this, there’s a drop in replacement at step-security/changed-files They also have a good write-up of the incident https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised that shows how to tell if you were hit.
Anybody that got bit by this, there’s a drop in replacement at step-security/changed-files
They also have a good write-up of the incident https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised that shows how to tell if you were hit.