Noam Dotan : Sep 8, 2022 11:47:40 AM
Code reviews are an essential security guardrail, but GitHub’s required code reviewers' settings might be giving you a false sense of security – they can easily be bypassed by any collaborator with reviewer permissions.
Read More
Noam Dotan : Sep 1, 2022 10:00:03 AM
In this blog post, we'll discuss a new type of GitHub Actions workflow vulnerability we called "GitHub Environment Injection". We've found a couple of
Noam Dotan : Aug 29, 2022 9:17:15 PM
LastPass, one of the world's largest password managers with 25 million users, disclosed that an unauthorized party had gained access to portions of...
Noam Dotan : May 2, 2022 10:44:09 AM
In this blog post, we’ll explore a bug we’ve found in a popular third-party action and how in some cases it could lead to your SDLC pipeline being...
Noam Dotan : Apr 4, 2022 3:01:54 PM
At Legit Security, we’re focused on preventing software supply chain attacks and securing the SDLC for our customers and the broader cybersecurity...
