Posted by Nightwatch Cybersecurity Research on Apr 27

(Original blog post here:
https://wwws.nightwatchcybersecurity.com/2021/04/25/supply-chain-attacks-via-github-com-releases/)

SUMMARY

Release functionality on GitHub.com allows modification of assets
within a release by any project collaborator. This can occur after the
release is published, and without notification or audit logging
accessible in the UI to either the project owners or the public.
However, some audit information may be available…
Read More – Full Disclosure


By |2021-04-27T19:18:56-04:00April 27th, 2021|