If you think your GitHub repo is secure. Think again. As proof of this, I present “the McFlurry Bandit” who claims to have pwned McDonald’s GitHub repo:
Ken Westin, Field CISO, Panther Labs had this to say:
We are seeing more threat actors targeting source code, dev infrastructure, and developers themselves. Gaining access to code or infrastructure not only provides attackers with access to sensitive and valuable data, but can also inject malicious code to compromise additional targets downstream.
I went looking for a comment from McDonalds to see if they had anything to say about this. But I couldn’t find one. Those either they don’t know, or they’re trying to figure out how bad this is. The former isn’t a good look and this could be equally as true for the latter if it’s really bad. I’m watching to find out which it is.
Like this:
Like Loading...
Related
This entry was posted on January 11, 2024 at 8:50 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
The “McFlurry Bandit” Claims To Have Pwned McDonalds
If you think your GitHub repo is secure. Think again. As proof of this, I present “the McFlurry Bandit” who claims to have pwned McDonald’s GitHub repo:
Ken Westin, Field CISO, Panther Labs had this to say:
We are seeing more threat actors targeting source code, dev infrastructure, and developers themselves. Gaining access to code or infrastructure not only provides attackers with access to sensitive and valuable data, but can also inject malicious code to compromise additional targets downstream.
I went looking for a comment from McDonalds to see if they had anything to say about this. But I couldn’t find one. Those either they don’t know, or they’re trying to figure out how bad this is. The former isn’t a good look and this could be equally as true for the latter if it’s really bad. I’m watching to find out which it is.
Share this:
Like this:
Related
This entry was posted on January 11, 2024 at 8:50 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.