Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
thangngoc89
8 months ago
|
parent
|
context
|
favorite
| on:
Analysis of supply-chain attack on Ultralytics
Attacker sent a PR to the ultralytics repository that triggered Github CI. This results in 1) attacker trigger new version publication on the CI itself 2) attacker was able to obtain secrets token for publish to PyPi
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
