this post was submitted on 15 Mar 2025
4 points (100.0% liked)

Cybersecurity

9 readers
25 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Rules

Community Rules

founded 2 years ago
MODERATORS
[email protected]
[email protected]
4
The fallout from the malicious tj-actions/changed-files is still being investigated. It is fortuitous that this malicious commit was identified fairly quickly, as further compromise of major OSS (infosec.exchange)
submitted 1 month ago by [email protected] to c/[email protected]
2 comments fedilink hide all child comments
 

The fallout from the malicious tj-actions/changed-files is still being investigated. It is fortuitous that this malicious commit was identified fairly quickly, as further compromise of major OSS components and projects could lead to a kind of chain reaction.

#infosec #cybersecurity

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 1 month ago* (last edited 1 month ago)

@jerry It largely depends on how well the initial impact is cleaned up. I'm hoping we won't see a ton of backdoors in various components next.