The fallout from the malicious tj-actions/changed-files is still being investigated. It is fortuitous that this malicious commit was identified fairly quickly, as further compromise of major OSS components and projects could lead to a kind of chain reaction.
#infosec #cybersecurity
You must log in or register to comment. the second and third order impacts of this could get interesting
@jerry It largely depends on how well the initial impact is cleaned up. I’m hoping we won’t see a ton of backdoors in various components next.