CyberWire Daily The supply chain in disarray. [Research Saturday]
Mar 30, 2024
Elad, Senior Security Researcher at Cycode, shares research on a supply chain vulnerability in Bazel affecting projects like Kubernetes and Google. The podcast discusses AI in cyber attacks, workflow vulnerabilities, composite actions, GitHub attack scenarios, and sponsor emphasis for risk mitigation.
Chapters
Transcript
Episode notes
1 2 3 4 5
Introduction
00:00 • 2min
Unveiling a Supply Chain Vulnerability in Basel and Workflow Exploitation
01:46 • 5min
Exploring Composite Actions and Security Implications in Code Development
06:59 • 3min
GitHub Action Attack Scenario Analysis
09:32 • 5min
Discussion on Supply Chain Vulnerability and Sponsor Emphasis
15:01 • 2min