|
|
|
|
|
|
by mardifoufs
892 days ago
|
|
|
In an earlier article about the exploitation of GitHub actions in general (which this specific attack on pytorch is part of) they said: >So far, we’ve submitted over 20 bug bounty reports, raking in hundreds of thousands of dollars in bounties. So I think this is part of a chain of bounties? Though that can still be argued to be a bit too low for how powerful this exploit could be :) |
|
|