this post was submitted on 29 Jan 2025
2 points (100.0% liked)

(safe) Unsecure security

172 readers
1 users here now

(un) Security - Who will guard the guards?

founded 3 years ago
MODERATORS
[email protected]
[email protected]
2
Clone2Leak: Your Git Credentials Belong To Us (flatt.tech)
submitted 2 weeks ago by [email protected] to c/[email protected]
1 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 1 points 2 weeks ago

So, cloning a malicious repository on GitHub Codespaces using GitHub CLI will always leak the access token to the attacker’s hosts.

baha