Source The recent GitHub Actions supply chain attack represents a multi-layered, targeted compromise that initially focused on Coinbase before escalating into a widespread incident affecting thousands of repositories. This sophisticated attack exploited critical CI/CD misconfigurations and leveraged leaked Personal Access Tokens (PATs) to gain unauthorized access, potentially leading to data breaches and code tampering. The Read More …
Tag: attack path
Hacker TV – GoFetch
This video demonstrates how GoFetch utilizes Bloodhound attack graph data to automatically pivot from an exploited host to the domain controller. The demonstration begins in Bloodhound, where the presenter identifies the attack path to the domain controller. After finding a path, the graph is exported for use by the attack script. The presenter then launches GoFetch Read More …