• #dev 2021-09-14
  • Prev
    Next
  • #indieweb
  • #dev
  • #wordpress
  • #meta
  • #stream
  • #microformats
  • #known
  • #events
#dev ≡
  • ←
  • →
2021-09-14 UTC
# 16:49
@peter_szilagyi Between the 3 Sept and 10 Sept, secure env vars of *all* public @travisci repositories were injected into PR builds. Signing keys, access creds, API tokens. Anyone could exfiltrate these and gain lateral movement into 1000s of orgs. #security 1/4 https://travis-ci.community/t/security-bulletin/12081 (twitter.com/_/status/1437646118700175360)