this post was submitted on 29 Jan 2025
2 points (100.0% liked)

(safe) Unsecure security

172 readers
1 users here now

(un) Security - Who will guard the guards?

founded 3 years ago
MODERATORS
[email protected]
[email protected]
2
Clone2Leak: Your Git Credentials Belong To Us (flatt.tech)
submitted 1 week ago by [email protected] to c/[email protected]
1 comments fedilink hide all child comments
top 1 comments
sorted by: hot top controversial new old
[–] [email protected] 1 points 1 week ago

So, cloning a malicious repository on GitHub Codespaces using GitHub CLI will always leak the access token to the attacker’s hosts.

baha