Toot

Written by thepwnicorn on 2025-01-19 at 00:19

@wdormann sending the content of env vars back to Snyk should have been a no go, because they would have almost certainly contained secrets of CI environments or dev systems, if a dependency confusion attack were successful.
