Ivan Enderlin 🦀

GitHub Action tj-actions/changed-files is compromised, stepsecurity.io/blog/harden-ru.

> the attackers modified the action’s code and retroactively updated multiple version tags to reference the malicious commit. The […] Action prints CI/CD secrets in GitHub Actions build logs. If the workflow logs are publicly accessible (such as in public repositories), anyone could potentially read these logs and obtain exposed secrets.

www.stepsecurity.io: Harden-Runner detection: tj-actions/changed-files action is compromised - StepSecurity