Google’s Gerrit Code Platform Vulnerability Allows Hack of 18 Google Projects Including ChromiumOS

cybersecuritynews.com

Google’s Gerrit Code Platform Vulnerability Allows Hack of 18 Google Projects Including ChromiumOS

cybersecuritynews.com

Resident Pulser@infosec.pubB to

Pulse of Truth@infosec.pubEnglish · 26 days ago

Just a moment...

cybersecuritynews.com

A critical supply chain vulnerability dubbed “GerriScary” (CVE-2025-1568) that could have allowed attackers to inject malicious code into at least 18 major Google projects, including ChromiumOS, Chromium, Dart, and Bazel. The vulnerability uncovered by Tenable security researcher Liv Matan exploits the misconfigurations in Google’s Gerrit code collaboration platform, enabling unauthorized users to compromise trusted software […] The post Google’s Gerrit Code Platform Vulnerability Allows Hack of 18 Google Projects Including ChromiumOS appeared first on Cyber Security News.

You must log in or register to comment.

Chat

Pulse of Truth@infosec.pub

pulse_of_truth@infosec.pub

Create a post

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !pulse_of_truth@infosec.pub

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

31 users / day
233 users / week
789 users / month
1.88K users / 6 months
1 local subscriber
1.33K subscribers
638 Posts
404 Comments
Modlog

mods:
krogoth@infosec.pub