Péter Szilágyi (karalabe.eth) on Twitter: "Between the 3 Sept and 10 Sept, secure env vars of *all* public @travisci repositories were injected into PR builds. Signing keys, access creds, API tokens. Anyone could exfiltrate these and gain lateral movement into 1000s of orgs. #security 1/4 https://t.co/i23jFzAjjH" / Twitter - discu.eu

Hacker News

Secure env vars of all public travisci repositories were injected into PR builds https://twitter.com/peter_szilagyi/status/1437646118700175360 5 comments 14/9/2021

Reddit

Between the 3 Sept and 10 Sept, secure env vars of *all* public @travisci repositories were injected into PR builds. Signing keys, access creds, API tokens. https://twitter.com/peter_szilagyi/status/1437646118700175360 231 comments 14/9/2021 programming

Linking pages

Travis CI flaw exposed secrets of thousands of open source projects | Ars Technica https://arstechnica.com/information-technology/2021/09/travis-ci-flaw-exposed-secrets-for-thousands-of-open-source-projects/ 10 comments
Ethereum Cat Herders Update #48. Ethereum mainnet attack, Travis CI… | by Pooja Ranjan | Ethereum Cat Herders | Medium https://medium.com/ethereum-cat-herders/ethereum-cat-herders-update-48-c5bc147e3d1 5 comments

Related searches:

Search whole site: site:twitter.com

Search title: Péter Szilágyi (karalabe.eth) on Twitter: "Between the 3 Sept and 10 Sept, secure env vars of *all* public @travisci repositories were injected into PR builds. Signing keys, access creds, API tokens. Anyone could exfiltrate these and gain lateral movement into 1000s of orgs. #security 1/4 https://t.co/i23jFzAjjH" / Twitter

See how to search.

Submit link to: