
Double Trouble: GitHub Secrets Leak + 3.2M Users Hit by Extension Hijack
In this high-alert episode of CISO Guide to Cyber Resilience, hosts Debra Baker and Isabella Otero break down two massive supply chain cybersecurity threats shaking the industry:
1️⃣ A GitHub Action compromise that leaked CI/CD secrets from over 23,000 repositories, exposing AWS keys, GitHub PATs, and more.
2️⃣ A browser extension hijack that infected over 3.2 million users, turning trusted Chrome and Firefox extensions into tools for data theft and ad injection.
💥 You’ll learn:
What went wrong with the tj-actions/changed-files GitHub Action (CVE-2025-30066)
Immediate mitigation steps for DevSecOps teams
The 16 compromised extensions you must remove now
Browser hygiene best practices to avoid future attacks
🔐 Whether you're a developer, security leader, or just trying to stay safe online, this episode delivers urgent, actionable insights to help you protect your workflows and personal data.