this post was submitted on 29 Jan 2025
1 points (100.0% liked)

(safe) Unsecure security

208 readers
1 users here now

(un) Security - Who will guard the guards?

founded 3 years ago
MODERATORS
saint@group.lt
skrt@group.lt
KasTas@group.lt
1
Clone2Leak: Your Git Credentials Belong To Us (flatt.tech)
submitted 5 months ago by KasTas@group.lt to c/saugumas@group.lt
1 comments fedilink hide all child comments
top 1 comments
sorted by: hot top controversial new old
[–] KasTas@group.lt 1 points 5 months ago

So, cloning a malicious repository on GitHub Codespaces using GitHub CLI will always leak the access token to the attacker’s hosts.

baha