Two Missing Characters: How a Regex Flaw Exposed AWS GitHub Repos to Supply-Chain Risk

AWS recently published a security bulletin acknowledging a configuration issue affecting some popular AWS-managed open-source GitHub repositories. Dubbed CodeBreach, the critical vulnerability could have resulted in the introduction of malicious code and hijacking of the repositories leveraging AWS CodeBuild.

By Renato Losio