Novel CI/CD attack could prompt widespread supply chain compromise

Significant supply chain compromise could be conducted against major IT and cryptocurrency organizations through a novel continuous integration/continuous delivery attack technique exploiting thousands of public GitHub repositories with malicious code injection issues, SecurityWeek reports.

Article Link: Novel CI/CD attack could prompt widespread supply chain compromise | SC Media