两个10.0严重级别的Spinnaker漏洞让攻击者获得RCE和生产环境访问权限
研究人员发现Spinnaker平台存在两个CVSS评分为10.0的严重漏洞,攻击者可通过这些漏洞实现远程代码执行并直接访问生产环境,对企业持续交付流水线构成重大威胁。
相关报道
A 24-year-old British national and senior member of the cybercrime group "Scattered Spider" pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert Buchanan admitted to text-message phishing attacks in 2022 that allowed the group to hack major technology companies and steal tens of millions in cryptocurrency.