ray@lemmy.ml to

Security@lemmy.mlEnglish · 3 days ago

How We Exploited CodeRabbit: From a Simple PR to RCE and Write Access on 1M Repositories

research.kudelskisecurity.com

1

cross-posted to:
hackernews@lemmy.bestiver.se

10

How We Exploited CodeRabbit: From a Simple PR to RCE and Write Access on 1M Repositories

research.kudelskisecurity.com

ray@lemmy.ml to

Security@lemmy.mlEnglish · 3 days ago

1

cross-posted to:
hackernews@lemmy.bestiver.se

In this blog post, we explain how we got remote code execution (RCE) on CodeRabbit’s production servers, leaked their API tokens and secrets, how we could have accessed their PostgreSQL datab…

Chat

brownmustardminion@lemmy.ml
link
fedilink
arrow-up
2·
3 days ago
I wonder if Fireship will make a video about this…