Merge Requests and Insecure GitHub Workflows may lead to Supply-Chain Attacks

Security researchers at Legit Security identified vulnerabilities in the GitHub automated workflows used by Google Firebase and Apache Camel that could have been abused to compromise those...

Click to expand...