{"id":1333,"date":"2024-08-15T10:33:52","date_gmt":"2024-08-15T10:33:52","guid":{"rendered":"https:\/\/www.tsfactory.com\/forums\/?p=1333"},"modified":"2024-08-15T10:33:52","modified_gmt":"2024-08-15T10:33:52","slug":"github-vulnerability-artipacked-exposes-repositories-to-potential-takeover","status":"publish","type":"post","link":"https:\/\/www.tsfactory.com\/forums\/blog\/github-vulnerability-artipacked-exposes-repositories-to-potential-takeover\/","title":{"rendered":"GitHub Vulnerability &#8216;ArtiPACKED&#8217; Exposes Repositories to Potential Takeover"},"content":{"rendered":"<p>A newly discovered attack vector in GitHub Actions artifacts dubbed ArtiPACKED could be exploited to take over repositories and gain access to organizations&#8217; cloud environments.<\/p>\n<p>&#8220;A combination of misconfigurations and security flaws can make artifacts leak tokens, both of third party cloud services and GitHub tokens, making them available for anyone with read access to the repository to consume,&#8221; Palo Alto Networks Unit 42 researcher Yaron Avital said in a report published this week.<\/p>\n<p>&#8220;This allows malicious actors with access to these artifacts the potential of compromising the services to which these secrets grant access.&#8221;<\/p>\n<p>The cybersecurity company said it primarily observed the leakage of GitHub tokens (e.g., GITHUB_TOKEN and ACTIONS_RUNTIME_TOKEN), which could not only give malicious actors unauthorized access to the repositories, but also grant them the ability to poison the source code and get it pushed to production via CI\/CD workflows.<\/p>\n<p>Artifacts in GitHub allow users to share data between jobs in a workflow and persist that information for 90 days after the workflow has completed. 
This can include builds, log files, core dumps, test outputs, and deployment packages.<\/p>\n<p><a href=\"https:\/\/thehackernews.com\/2024\/08\/github-vulnerability-artipacked-exposes.html\">Read the Full Story Here<\/a><\/p>\n<p>Source: The Hacker News<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A newly discovered attack vector in GitHub Actions artifacts dubbed ArtiPACKED could be exploited to take over repositories and gain access to organizations&#8217; cloud environments. &#8220;A combination of misconfigurations and security flaws can make artifacts leak tokens, both of third party cloud services and GitHub tokens, making them available for anyone with read access to [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":1334,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-1333","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>GitHub Vulnerability &#039;ArtiPACKED&#039; Exposes Repositories to Potential Takeover - Community<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.tsfactory.com\/forums\/blog\/github-vulnerability-artipacked-exposes-repositories-to-potential-takeover\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"GitHub Vulnerability &#039;ArtiPACKED&#039; Exposes Repositories to Potential Takeover - Community\" \/>\n<meta property=\"og:description\" content=\"A newly discovered attack vector in GitHub Actions artifacts dubbed ArtiPACKED could be exploited to take over repositories and gain access to 
organizations&#8217; cloud environments. &#8220;A combination of misconfigurations and security flaws can make artifacts leak tokens, both of third party cloud services and GitHub tokens, making them available for anyone with read access to [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.tsfactory.com\/forums\/blog\/github-vulnerability-artipacked-exposes-repositories-to-potential-takeover\/\" \/>\n<meta property=\"og:site_name\" content=\"Community\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/TSFactoryLLC\/\" \/>\n<meta property=\"article:published_time\" content=\"2024-08-15T10:33:52+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2024\/08\/pexels-harold-vasquez-853421-2653362.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"853\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Chelsie Wyatt\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@TSFactoryLLC\" \/>\n<meta name=\"twitter:site\" content=\"@TSFactoryLLC\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Chelsie Wyatt\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/github-vulnerability-artipacked-exposes-repositories-to-potential-takeover\/\",\"url\":\"https:\/\/www.tsfactory.com\/forums\/blog\/github-vulnerability-artipacked-exposes-repositories-to-potential-takeover\/\",\"name\":\"GitHub Vulnerability 'ArtiPACKED' Exposes Repositories to Potential Takeover - Community\",\"isPartOf\":{\"@id\":\"https:\/\/www.tsfactory.com\/forums\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/github-vulnerability-artipacked-exposes-repositories-to-potential-takeover\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/github-vulnerability-artipacked-exposes-repositories-to-potential-takeover\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2024\/08\/pexels-harold-vasquez-853421-2653362.jpg\",\"datePublished\":\"2024-08-15T10:33:52+00:00\",\"author\":{\"@id\":\"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/9d9908f0e12559297335ebe9b601c82f\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/github-vulnerability-artipacked-exposes-repositories-to-potential-takeover\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.tsfactory.com\/forums\/blog\/github-vulnerability-artipacked-exposes-repositories-to-potential-takeover\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/github-vulnerability-artipacked-exposes-repositories-to-potential-takeover\/#primaryimage\",\"url\":\"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2024\/08\/pexels-harold-vasquez-853421-2653362.jpg\",\"contentUrl\":\"https:\/\/www.tsf
actory.com\/forums\/wp-content\/uploads\/2024\/08\/pexels-harold-vasquez-853421-2653362.jpg\",\"width\":1280,\"height\":853},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/github-vulnerability-artipacked-exposes-repositories-to-potential-takeover\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.tsfactory.com\/forums\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"GitHub Vulnerability &#8216;ArtiPACKED&#8217; Exposes Repositories to Potential Takeover\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/#website\",\"url\":\"https:\/\/www.tsfactory.com\/forums\/\",\"name\":\"Community\",\"description\":\"TSFactory\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.tsfactory.com\/forums\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/9d9908f0e12559297335ebe9b601c82f\",\"name\":\"Chelsie Wyatt\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/09ff3801fb7566acf715fe4e81a9bd942b923c236138a3ed8a8375f099e5d6d6?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/09ff3801fb7566acf715fe4e81a9bd942b923c236138a3ed8a8375f099e5d6d6?s=96&d=mm&r=g\",\"caption\":\"Chelsie Wyatt\"},\"url\":\"https:\/\/www.tsfactory.com\/forums\/blog\/author\/chelsie\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","_links":{"self":[{"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/posts\/1333","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/comments?post=1333"}],"version-history":[{"count":1,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/posts\/1333\/revisions"}],"predecessor-version":[{"id":1335,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/posts\/1333\/revisions\/1335"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/media\/1334"}],"wp:attachment":[{"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/media?parent=1333"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/categories?post=1333"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/tags?post=1333"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}