@PhilipTheBucket@ponder.cat to Cybersecurity@sh.itjust.worksEnglish • 10 days agoGitHub supply chain attack spills secrets from 23K projectsgo.theregister.comexternal-linkmessage-square6fedilinkarrow-up136arrow-down12
arrow-up134arrow-down1external-linkGitHub supply chain attack spills secrets from 23K projectsgo.theregister.com@PhilipTheBucket@ponder.cat to Cybersecurity@sh.itjust.worksEnglish • 10 days agomessage-square6fedilink
minus-square@zero_spelled_with_an_ecks@programming.devlinkfedilinkEnglish4•10 days agoAnybody that got bit by this, there’s a drop in replacement at step-security/changed-files They also have a good write-up of the incident https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised that shows how to tell if you were hit.
Anybody that got bit by this, there’s a drop in replacement at step-security/changed-files
They also have a good write-up of the incident https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised that shows how to tell if you were hit.