GitHub CodeQL Actions Critical Supply Chain Vulnerability (CodeQLEAKED)
Praetorian · CodeQLEAKED - Public Secrets Exposure Leads toSupply Chain Attack on GitHub CodeQLAn exposed GitHub token could have been used to launch a supply chain attack on GitHub CodeQL, resulting in source code exposure and repository tampering of CodeQL users.