1. 16 GitHub Workflows Found Vulnerable to Unauthorized Comment-Triggered Execution, Affecting 1,451 Instances
A critical security misconfiguration has been identified across multiple GitHub repositories where workflows triggered by user comments lack proper authorization verification, potentially allowing arbitrary external users to execute privileged operations. The vulnerability, designated RGS-004, was detected in 16 unique...