Social engineering techniques were used to trick developers into exposing repositories. Using the GitHub Pages build process, a security researcher discovered a way to…
GitHub vulnerability
General
Workflow Weaknesses In GitHub Actions Gave Applications Like Logstash Write Access
Worst-case possibilities included malicious construction and greater infrastructural compromise. Multiple workflows of the well-known continuous integration and development (CI/CD) service GitHub Actions have been…