AndiMann<p>"<a href="https://masto.ai/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GitHub</span></a> Action Compromise Puts <a href="https://masto.ai/tags/CICD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CICD</span></a> Secrets at <a href="https://masto.ai/tags/Risk" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Risk</span></a> in Over 23,000 Repositories"</p><p><a href="https://masto.ai/tags/DevOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DevOps</span></a> <a href="https://masto.ai/tags/automation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>automation</span></a> is always high risk: root access, connected, fast, scaled. So 💩 like this is 💯 unacceptable. </p><p>Major $fail by $MSFT leadership. I bet all the <a href="https://masto.ai/tags/layoffs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>layoffs</span></a> didn't help.</p><p><a href="https://thehackernews.com/2025/03/github-action-compromise-puts-cicd.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">thehackernews.com/2025/03/gith</span><span class="invisible">ub-action-compromise-puts-cicd.html</span></a></p>