this post was submitted on 07 Apr 2025
10 points (100.0% liked)

Pulse of Truth

1826 readers
93 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 2 years ago
MODERATORS
krogoth@infosec.pub
10
That massive GitHub supply chain attack? It all started with a stolen SpotBugs token (www.theregister.com)
submitted 8 months ago by lemmydev2@infosec.pub to c/pulse_of_truth@infosec.pub
0 comments fedilink hide all child comments
 

But this mystery isn't over yet, Unit 42 opines That massive GitHub supply chain attack that spilled secrets from countless projects? It traces back to a stolen token from a SpotBugs workflow - exposed way back in November, months earlier than previously suspected.…

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here