Bazel PoC attack highlights transitive vulnerability risk in custom GitHub Actions
Security researchers demonstrated a software supply-chain attack that could have allowed them to backdoor the codebase of Bazel, a Google-developed open-source tool for automating software […]