THREAT OPS › Threat News › The case for GitHub Actions security after recent supply chain attacks
The case for GitHub Actions security after recent supply chain attacks
GitHub Actions workflows are vulnerable to pwn requests, script injection, and compromised credentials. Here's what's going wrong and what's changing.
MITRE ATT&CK techniques
- CredentialsT1589.001