Researchers share data on a new technique whereby malicious actors are manipulating GitHub’s search function and using cleverly crafted repositories to distribute malware
ComputerWeekly 7:22 pm on April 10, 2024
GitHub, a Microsoft-owned platform for version control and collaboration on software projects, has identified and patched a race condition vulnerability in its dependency scanning feature. This flaw could potentially enable attackers to execute arbitrary code during package installations. The security issue was discovered by researchers from Red Hat, Cybrary, and Ben Lutkevich, who reported it through GitHub's bug bounty program. Bullet points:
1996-2024 all rights reserved. Privacy Policy. All trademarks and copyrights held by respective owners. |