You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This could be explained as part of the shell injection section. However, maybe this should go into an expanded section on build systems & supply chains, since it's a kind of attack that many developers hadn't considered.
The text was updated successfully, but these errors were encountered:
Add, as an example, the vulnerability described by Cycode in "How We Discovered Vulnerabilities in CI/CD Pipelines of Popular Open-Source Projects" by Alex Ilgayev (Cycode), 2022-03-18 and explained at their talk at SupplyChainSecurityCon 2022.
This could be explained as part of the shell injection section. However, maybe this should go into an expanded section on build systems & supply chains, since it's a kind of attack that many developers hadn't considered.
The text was updated successfully, but these errors were encountered: