New year, old tricks: Hunting for CircleCI configuration files, (Mon, Jan 9th)

I have written before about attackers looking for exposed configuration files. Configuration files often include credentials or other sensitive information.Today, I noticed some scans for a files called “/.circleci/config.yml”. Given the recent breach at CircleCI, I dug in a bit deeper.

Article Link: