popular github action compromised
(www.stepsecurity.io)
from leds@feddit.dk to cybersecurity@sh.itjust.works on 16 Mar 06:08
https://feddit.dk/post/11094344
from leds@feddit.dk to cybersecurity@sh.itjust.works on 16 Mar 06:08
https://feddit.dk/post/11094344
stepsecurity.io/…/harden-runner-detection-tj-acti…
Harden-Runner detection: tj-actions/changed-files action is compromised We are investigating a critical security incident involving the popular tj-actions/changed-files GitHub Action. We want to alert you immediately so that you can take prompt action.
Your secrets are in the build logs
threaded - newest