Researchers at Legit Security said in a report today that they've found a flaw in popular testing tool Azure Pipelines that would allow hackers to inject malicious code into source code and other projects hosted in code testing environments.
The vulnerability can be triggered when someone submits a contribution or edit to a build system project hosted on Azure Pipelines, Liav Caspi, co-founder and chief technology officer at Legit Security, told Axios.
[
add
]
[
|
|
...
]