GitHub Actions exploitation: Dependabot
Tags
| attack-pattern: | Credentials - T1589.001 Malicious File - T1204.002 Tool - T1588.002 Vulnerabilities - T1588.006 |
Common Information
| Type | Value |
|---|---|
| UUID | ef1c0d30-46c2-4551-b3b2-6246e67685f2 |
| Fingerprint | b945b491846a0ee3 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Aug. 6, 2024, midnight |
| Added to db | Aug. 31, 2024, 10:48 a.m. |
| Last updated | Sept. 4, 2024, 8:45 p.m. |
| Headline | GitHub Actions exploitation: Dependabot |
| Title | GitHub Actions exploitation: Dependabot |
| Detected Hints/Tags/Attributes | 26/1/9 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 414 | ✔ | Last Blog Article | https://www.synacktiv.com/en/feed/lastblog.xml | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | gh-hijack-runner.py |
|
| Details | Domain | 2 | gradle.properties |
|
| Details | Domain | 2 | github.actor |
|
| Details | Domain | 2 | author.name |
|
| Details | File | 1 | gh-hijack-runner.py |
|
| Details | File | 9 | user.log |
|
| Details | File | 4 | evil.txt |
|
| Details | File | 1 | pull_request.html |
|
| Details | File | 1 | sender.log |