Self-hosted GitHub Actions runners could allow attackers to inject malicious code into repositories, leading to supply chain attacks.
The post Major IT, Crypto Firms Exposed to Supply Chain Compromise via New Class of CI/CD Attack appeared first on SecurityWeek.