Google has rolled out urgent security updates for its Gemini CLI and the accompanying GitHub Action to address a critical vulnerability. Tracked as GHSA-wpqr-6v78-jr5g, this flaw exposes continuous integration and continuous deployment (CI/CD) pipelines to Remote Code Execution (RCE) attacks. Improper handling of workspace trust and tool allowlisting allows malicious actors to compromise automated workflows, […]

The post Critical Gemini CLI Flaw Raises Supply Chain Security Concerns appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/critical-gemini-cli-flaw/