Cycode Discloses GitHub Actions Vulnerability in Google Bazel Project - DevOps.com

Cycode Discloses GitHub Actions Vulnerability in Google Bazel Project - DevOps.com

Briefly

Cycode researchers shared their discovery with Google, which has since updated the way it employs GitHub Actions to manage the Bazel codebase.

DevOps.comhttps://devops.com/cycode-discloses-github-actions-vulnerability-in-google-bazel-project/

The vulnerability, now remediated, could have been used to create a backdoor through which malicious code could have been inserted into a codebase that is managed by Google.

DevOps.comhttps://devops.com/cycode-discloses-github-actions-vulnerability-in-google-bazel-project/