A misconfigured AWS CodeBuild webhook allowed bypass of actor ID checks, risking takeover of four AWS GitHub repositories before fixes in Sep 2025.
A critical misconfiguration in AWS CodeBuild has allowed attackers to seize control of core AWS GitHub repositories, including the JavaScript SDK that underpins the AWS Console.
13 日on MSN
Critical AWS supply chain vulnerability could have let hackers take over key GitHub repositories
The vulnerability was spotted in August 2025, so users should patch now.
一部の結果でアクセス不可の可能性があるため、非表示になっています。
アクセス不可の結果を表示する