Critical GitHub CodeQL Vulnerability Exposes Supply Chain Attack Risk
• 1 min read
A security flaw in GitHub CodeQL temporarily exposed a privileged token that could enable supply chain attacks affecting thousands of repositories. The vulnerability allowed potential code execution and data theft through GitHub Actions workflows, though GitHub's swift response prevented any known compromises.