Cisco (CSCO) has suffered a cyberattack after threat actors used stolen credentials from the recent Trivy supply chain attack to breach its internal development environment and steal source code belonging to the company and its customers, BleepingComputer’s Lawrence Abrams reports. A source told BleepingComputer that Cisco’s Unified Intelligence Center, CSIRT, and EOC teams contained the breach involving a malicious “GitHub Action plugin” from the recent Trivy compromise. The attackers used the malicious GitHub Action to steal credentials and data from the company’s build and development environment, impacting dozens of devices, including some developer and lab workstations, the publication added.
Claim 30% Off TipRanks
- Unlock hedge fund-level data and powerful investing tools for smarter, sharper decisions
- Discover top-performing stock ideas and upgrade to a portfolio of market leaders with Smart Investor Picks
Published first on TheFly – the ultimate source for real-time, market-moving breaking financial news. Try Now>>
Read More on CSCO:
- Cisco initiated with a Buy at Truist
- The Week That Was, The Week Ahead: Macro and Markets, Mar. 29
- Quantum Computing News: Google and Cisco Lead Shift Toward Quantum Networks, Security, and Real World Scale
- DA Davidson analysts hold an analyst/industry conference call
- IPO Prospect Databricks Buys Two Startups to Power New AI Security Platform