Comment by ErneX 1 day ago The article explains what is extracted. 4 comments ErneX Reply jeroenhd 1 day ago The article waffles on forever and gives some generic advice.Meanwhile, Bitwarden themselves state that end users were almost never affected: https://community.bitwarden.com/t/bitwarden-statement-on-che...You had to install the CLI through NPM at a very short time frame for it to be affected. If you did get infected, you have to assume all secrets on your computer were accessed and that any executable file you had write access to may be backdoored. valicord 1 day ago No it doesn't? ErneX 1 day ago Yes it does, under technical analysis. I don’t want to paste it here when it’s laid out in the article… hgoel 1 day ago It seems to be describing what the Checkmarx vulnerability allows to be done on a GitHub Actions runner?
jeroenhd 1 day ago The article waffles on forever and gives some generic advice.Meanwhile, Bitwarden themselves state that end users were almost never affected: https://community.bitwarden.com/t/bitwarden-statement-on-che...You had to install the CLI through NPM at a very short time frame for it to be affected. If you did get infected, you have to assume all secrets on your computer were accessed and that any executable file you had write access to may be backdoored.
valicord 1 day ago No it doesn't? ErneX 1 day ago Yes it does, under technical analysis. I don’t want to paste it here when it’s laid out in the article… hgoel 1 day ago It seems to be describing what the Checkmarx vulnerability allows to be done on a GitHub Actions runner?
ErneX 1 day ago Yes it does, under technical analysis. I don’t want to paste it here when it’s laid out in the article… hgoel 1 day ago It seems to be describing what the Checkmarx vulnerability allows to be done on a GitHub Actions runner?
hgoel 1 day ago It seems to be describing what the Checkmarx vulnerability allows to be done on a GitHub Actions runner?
The article waffles on forever and gives some generic advice.
Meanwhile, Bitwarden themselves state that end users were almost never affected: https://community.bitwarden.com/t/bitwarden-statement-on-che...
You had to install the CLI through NPM at a very short time frame for it to be affected. If you did get infected, you have to assume all secrets on your computer were accessed and that any executable file you had write access to may be backdoored.
No it doesn't?
Yes it does, under technical analysis. I don’t want to paste it here when it’s laid out in the article…
It seems to be describing what the Checkmarx vulnerability allows to be done on a GitHub Actions runner?