InfoWorld

Possible software supply chain attack through AWS CodeBuild service blunted

Wiz researchers investigated and found the core of the flaw, a threat actor ID bypass due to unanchored regexes, and notified ...
The Hacker News

AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks

A misconfigured AWS CodeBuild webhook allowed bypass of actor ID checks, risking takeover of four AWS GitHub repositories ...

Hackers claim to have Target source code for sale following cyberattack

Hackers are apparently selling internal source code stolen from American retail giant Target. A previously unknown threat ...

Target's dev server offline after hackers claim to steal source code

Hackers are claiming to be selling internal source code belonging to Target Corporation, after publishing what appears to be ...
Security Systems News

Okta GitHub repositories hacked, source code stolen

YARMOUTH, Maine – It’s been a hard year for security at identity and access management company Okta, with its most recent data breach incident causing the company to lose its source code to threat ...
InfoQ

Google Releases New Code Search in Beta in Revamped Cloud Source Repositories

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Vivek Yadav, an engineering manager from ...
Ars Technica

GitHub besieged by millions of malicious repositories in ongoing attack

GitHub is struggling to contain an ongoing attack that’s flooding the site with millions of code repositories. These repositories contain obfuscated malware that steals passwords and cryptocurrency ...
Threat Post

Octopus Scanner Sinks Tentacles into GitHub Repositories

At least 26 different open-source code repositories were found to be infected with an unusual attack on the open-source software supply chain. The Octopus Scanner malware, which targets the Apache ...