Are your GitHub Action artifacts leaking tokens?
Palo Alto Networks Unit 42 research uncovered a common problem among open-source GitHub projects that could expose secrets, and even allow attackers to inject malicious code into GitHub Actions workflows.GitHub Actions workflows often use secrets, such as cloud service and GitHub tokens, to…
Source: packetstormsecurity.com
- Read more