Back to directory
WRITEUP #797

The GitHub Actions Worm: Compromising GitHub Repositories Through the Actions Dependency Tree

OtherCI/CD
by@TupleType(Asi Greenholts)
Program
VeracodeHangfire
Published
Sep 14, 2023
Added to HackDex
Oct 3, 2023
Read Full Writeuphttps://www.paloaltonetworks.com/blog/prisma-cloud/github-actions-worm-dependencies/
RELATED WRITEUPS
Github Actions Exploitation: Dependabot
OtherCI/CD
GitHub Actions Exploitation: Self Hosted Runners
OtherCI/CD
Data Theft in Salesforce: Manipulating Public Links
OtherSOQL injection
When Certificates Fail: A Story of Bypassed MFA in Remote Access
Other2FA / MFA bypass
SSTI in Bug Bounty Program: The Time I Played with Handlebars and Broke Stuff
OtherSSTI

Built with ❤️ by Shubham Rawat