security research, vulnerability, git, github, advisory — 15 January 2021 Attack of the clones 2: Git CLI remote code execution strikes back Introduction This post is the second part of the story of a vulnerability that could be leveraged as a supply chain attack and used to hack millions of software developers around the world. We will describe all details about CVE-2020-26233,...
security research, vulnerability, git, github — 05 November 2020 Attack of the clones: Git clients remote code execution Introduction This post is a rather unusual story of a vulnerability that could be leveraged as a supply chain attack and used to attack millions of software developers around the world. It is also a tale of a bug collision...