InfoWorld

Possible software supply chain attack through AWS CodeBuild service blunted

Wiz researchers investigated and found the core of the flaw, a threat actor ID bypass due to unanchored regexes, and notified ...

Target's dev server offline after hackers claim to steal source code

Hackers are claiming to be selling internal source code belonging to Target Corporation, after publishing what appears to be ...
The Hacker News

AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks

A misconfigured AWS CodeBuild webhook allowed bypass of actor ID checks, risking takeover of four AWS GitHub repositories ...
Cybernews

Target source code for sale on dark web as employees confirm it’s authentic

Hackers have published what appears to be a sample of stolen repositories on Gitea, a public software development platform, ...
Techzine Europe

CodeBreach enables takeover of AWS GitHub repositories

Wiz discovered a critical vulnerability in AWS CodeBuild that allowed attackers to access core AWS repositories, including ...

Malware scam: Job offers trick developers with malicious repositories

Developers now need to be careful with job offers. Criminals are trying to distribute infostealers through them.

Hackers claim to have Target source code for sale following cyberattack

Hackers are apparently selling internal source code stolen from American retail giant Target. A previously unknown threat ...
CIO

How Tabnine delivers faster, safer AI-generated code at scale

Josh: Tabnine can ingest all enterprise code repositories, understand that context, and enforce standards and policies. That ...
Infosecurity Magazine

CodeBuild Flaw Put AWS Console Supply Chain At Risk

A critical misconfiguration in AWS CodeBuild has allowed attackers to seize control of core AWS GitHub repositories, ...

A simple CodeBuild flaw put every AWS environment at risk – and pwned 'the central nervous system of the cloud'

A critical misconfiguration in AWS's CodeBuild service allowed complete takeover of the cloud provider's own GitHub ...

Critical AWS supply chain vulnerability could have let hackers take over key GitHub repositories

A critical misconfiguration in Amazon Web Services (AWS) CodeBuild service exposed several AWS-managed GitHub repositories to ...