GitHub employees fixed a critical remote code execution vulnerability in less than six hours last month. Wiz Research used AI models to uncover a vulnerability in GitHub's internal git infrastructure that could have allowed attackers to access millions of public and private code repositories.
"Our security team immediately began validating the bug bounty report. Within 40 minutes, we had reproduced the vulnerability internally and confirmed the severity," explains Alexis Wales, GitHub chief information security officer. "This was a critical issue that required immediate action."
GitHub's engineering team developed a fix and deployed it jus …
Read the full story at The Verge.
from The Verge https://ift.tt/c4pOft0
via IFTTT
EmoticonEmoticon