Two Critical Vulnerabilities Patched in GitLab, All Organizations Advised to Update Instances

Context: On January 11, 2023, GitLab released security updates to remedy two critical vulnerabilities in GitLab software. All RH-ISAC organizations are urged to immediately update to versions 16.5.6, 16.6.4, and 16.7.2, or to a version where the fix was backported (16.1.6, 16.2.9, 16.3.7, and 16.4.5). According to the security update, the flaws affected the following…


Firms Potentially Exposed to Supply Chain Compromise Attack via New Class of GitHub CI/CD Attack, PoC Available

Thousands of public GitHub repositories are vulnerable to a newly discovered malicious code injection via self-hosted GitHub Actions runners, which could lead to high-impact attacks and potential disruption to large-scale organizations, according to a recently released news report. Furthermore, threat actors have specifically targeted GitHub repositories recently, demonstrating clear intent and capability, while the…
