Folks,
Just an FYI on this CI/CD pipeline attack on known Github Actions
vulnerabilites.
LF-IT has verified that FD.io repositories are not vulnerable to the
attack vectors used and were not compromised.
Here's a link to an article describing it:
https://www.stepsecurity.io/blog/hackerbot-claw-github-actions-exploitation
Thanks,
-daw-
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#26863): https://lists.fd.io/g/vpp-dev/message/26863
Mute This Topic: https://lists.fd.io/mt/118153896/21656
Group Owner: [email protected]
Unsubscribe: https://lists.fd.io/g/vpp-dev/leave/14379924/21656/631435203/xyzzy
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-
