Number of incidents affecting GitHub, Bitbucket, GitLab and Jira is rising


The State of DevOps Threats Report sheds light on the most critical cybersecurity incidents concerning DevOps and GitHub.

Hackers also used GitHub, a legitimate public service, to host malware, and used it as a dead-drop resolver to retrieve the real command-and-control (C2) address. Consequently, an infected endpoint communicating with a GitHub repository might not be reported as suspicious, giving a threat actor the green light to create an attack infrastructure that was reliable and inexpensive, and threatened other users and their data. Last year Atlassian struggled mostly with high-severity flaws with CVSS scores over 9, such as a template injection vulnerability or critical Remote Code Execution (RCE) bugs, to name a few.
