35 matches found
MAL-2026-6273 Malicious code in zod-pino (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c536e5a7ee3d5542e1ac822b30ba4525e52b2ae0c964d0c2470468d91b9b41c8 The package is published under a name suggesting a Pino logger integration for Zod, but the tarball contents do not match that purpose and exhibit...
Making secret scanning more trustworthy: Reducing false positives at scale
Secret scanning plays a critical role in protecting developers and organizations. It helps catch exposed credentials early and prevents small mistakes from turning into real incidents. At GitHub's scale, even small inefficiencies create real friction. Too many false positives make alerts harder t...
CVE-2026-3307
An authorization bypass vulnerability was identified in GitHub Enterprise Server that allowed an attacker with admin access on one repository to modify the secret scanning push protection delegated bypass reviewer list on another repository by manipulating the ownerid parameter in the request bod...
MAL-2026-4228 Malicious code in @tiledesk/tiledesk-server (npm)
@tiledesk/tiledesk-server version 2.18.12 is a compromised release of the legitimate Tiledesk customer support platform package. This version was injected with a CI pipeline backdoor as part of the megalodon campaign — a mass GitHub repository backdooring operation targeting CI/CD runner...
EUVD-2026-24520
An authorization bypass vulnerability was identified in GitHub Enterprise Server that allowed an attacker with admin access on one repository to modify the secret scanning push protection delegated bypass reviewer list on another repository by manipulating the ownerid parameter in the request bod...
CVE-2026-3307
An authorization bypass vulnerability was identified in GitHub Enterprise Server that allowed an attacker with admin access on one repository to modify the secret scanning push protection delegated bypass reviewer list on another repository by manipulating the ownerid parameter in the request bod...
CVE-2026-3307 Authorization bypass in GitHub Enterprise Server secret scanning push protection allows cross-repository modification of delegated bypass reviewers
An authorization bypass vulnerability was identified in GitHub Enterprise Server that allowed an attacker with admin access on one repository to modify the secret scanning push protection delegated bypass reviewer list on another repository by manipulating the ownerid parameter in the request bod...
CVE-2026-3307 Authorization bypass in GitHub Enterprise Server secret scanning push protection allows cross-repository modification of delegated bypass reviewers
An authorization bypass vulnerability was identified in GitHub Enterprise Server that allowed an attacker with admin access on one repository to modify the secret scanning push protection delegated bypass reviewer list on another repository by manipulating the ownerid parameter in the request bod...
CVE-2026-3307
An authorization bypass vulnerability was identified in GitHub Enterprise Server that allowed an attacker with admin access on one repository to modify the secret scanning push protection delegated bypass reviewer list on another repository by manipulating the ownerid parameter in the request bod...
CVE-2026-3307
GitHub Enterprise Server vulnerability CVE-2026-3307 allows an admin on one repository to modify the secret scanning push protection delegated bypass reviewers for another repository by changing the owner_id in the request body. Authorization is checked against the URL repository, but the action ...
PT-2026-34196
An authorization bypass vulnerability was identified in GitHub Enterprise Server that allowed an attacker with admin access on one repository to modify the secret scanning push protection delegated bypass reviewer list on another repository by manipulating the owner id parameter in the request...
How Security Tool Misuse Is Reshaping Cloud Compromise
Key Takeaways Legitimate secret-scanning tools such as TruffleHog have been operationalized in real-world cloud attack campaigns. Attack progression commonly follows a repeatable sequence: credential discovery, live validation, permission enumeration, and data access. Exposed long-lived access ke...
GitHub: Cross-repository IDOR in `/settings/security_analysis/bypass_reviewers` allows unauthorized delegated bypass reviewer modification
A vulnerability was identified in GitHub Enterprise Server that allowed an attacker with admin access on one repository to modify the secret scanning push protection delegated bypass reviewer list on another repository. Authorization was verified against the repository in the URL, but the action...
[SECURITY] Fedora 43 Update: gitleaks-8.30.0-1.fc43
Scan git repos or files for secrets using regex and entropy...
How to Prevent NPM Supply Chain Attacks in CI/CD Pipelines with Container Security
Introduction Containerized applications power the backbone of modern software delivery. But with speed comes risk. Vulnerabilities and embedded secrets can slip through the cracks long before they hit production. The result? Alert fatigue, noisy false positives, and critical exposures that disrup...
Malicious code in secret-scanning-proto (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1465959a0117b88d5bd9a996a386b97399277821a3199d62026605750c8194b7 The OpenSSF Package Analysis project identified 'secret-scanning-proto' @ 99.99.99 rubygems as malicious. It is considered malicious because: -...
MAL-2025-46942 Malicious code in secret-scanning-proto (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1465959a0117b88d5bd9a996a386b97399277821a3199d62026605750c8194b7 The OpenSSF Package Analysis project identified 'secret-scanning-proto' @ 99.99.99 rubygems as malicious. It is considered malicious because: -...
CVE-2024-10824
An authorization bypass vulnerability was identified in GitHub Enterprise Server that allowed unauthorized internal users to access sensitive secret scanning alert data intended only for business owners. This issue could be exploited only by organization members with a personal access token PAT a...
Malicious code in secret-scanning-custom-notifications (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 327294aa7aee3dce9cc1b90296b239e83b00f5589a3613f7261f268283a575aa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-10824
An authorization bypass vulnerability was identified in GitHub Enterprise Server that allowed unauthorized internal users to access sensitive secret scanning alert data intended only for business owners. This issue could be exploited only by organization members with a personal access token PAT a...