How CodeRabbit was Exploited

I came across this really interesting article by Kudelski security.

👉 How We Exploited CodeRabbit: From a Simple PR to RCE and Write Access on 1M Repositories - Kudelski Security Research Center

They’ve walked through step by step on how the got access to their system, things they got access to, etc.

And it’s a good lesson for us to keep our apps more secure.