Port 22

Weaponizing Dependabot Exploiting GitHub Automation for Supply Chain Attacks

Attackers are now exploiting GitHub’s Dependabot to inject malicious code through pull request workflows. Learn how this happens and what real-world impact it can cause.