Dark Reading
4 months, 1 week ago
Xygeni GitHub Action Compromised Via Tag Poison
Attackers operated an active C2 implant for up to a week and compromised AppSec vendor Xygeni's xygeni/xygeni-action in that time.