[rwth-security] GitLab affected by GitHub-style CDN flaw allowing malware hosting

23 Apr 2024


      Hallo zusammen,
sofern nicht selber schon gesehen/-lesen hier [0] FYI
"GitLab affected by GitHub-style CDN flaw allowing malware hosting"
--> "... Following our investigation, however, we learned that these
         files—which are malware, were nowhere to be found on Microsoft's
         code repo.
Rather, these existed on GitHub's CDN and were likely uploaded by a
        threat actor who abused the platform's "comments" feature. ..."
VG
Bernd
[0]
https://www.bleepingcomputer.com/news/security/gitlab-affected-by-github-sty...
-- 

Bernd Kohler

IT Center
Abteilung: Netze
RWTH Aachen University
Wendlingweg 10
52074 Aachen
Tel: +49 241 80-29793
Fax: +49 241 80-22666
kohler@itc.rwth-aachen.de
https://www.itc.rwth-aachen.de

Social Media Kanäle des IT Centers:
https://blog.rwth-aachen.de/itc/
https://www.facebook.com/itcenterrwth
https://www.linkedin.com/company/itcenterrwth
https://twitter.com/ITCenterRWTH
https://www.youtube.com/c/ITCenterRWTHAachen

2024

2023

2022

2021

2020

2019

2018

[rwth-security] GitLab affected by GitHub-style CDN flaw allowing malware hosting