GitHub is one of the most popular software repositories so it stands to reason that threat actors will always be searching for ways in as infecting code at source that is then reused in multiple applications is a cost-effective way to run a cyber attack.
GitHub has just patched a flaw that had the potential to allow threat actors to infect software across a whole repository:
Let’s hope they fixed the flaw before a stealthy hacker had had a chance to use it!
Do you have custom software that a developer wrote for you using code from GitHub?
You should know the answer to that question – your cyber security is your responsibility.
Clive Catton MSc (Cyber Security) – by-line and other articles
My advice: Either you or your IT support need to check whether these issues impact your systems. You need to have a master document that details your systems, hardware, software, online, networks, back-ups, suppliers etc – so when cyber security (or operational) issues arise you and your support teams can quickly check if you are affected. From there you can take fast, effective action.
