The malware called “xpc.js” includes next-generation machine learning algorithms that automatically detect potentially malicious activity associated with open source ecosystems.
The think tank Parliament Street collected Freedom of Information (FOI) responses to reveal that over 22.3 million cyberattacks were blocked by parliament from January 1, 2020, to August 31, 2020.
The bug affected GitHub’s Actions feature – a developer workflow automation tool – that Google Project Zero researcher Felix Wilhelm said was “highly vulnerable to injection attacks”.
Organizations that qualify as leaders recognize their own limitations and are much more likely to supplement their security efforts with crowdsourced penetration testing and bug bounty programs.