WEBINAR

Unpacking CodeQLEAKED

A Potential Supply Chain Attack on GitHub CodeQL

Praetorian Staff Security Engineer, John Stawinski, recently discovered a vulnerability in GitHub’s CodeQL where a token was exposed for just 1.022 seconds. In that brief window, he was able to demonstrate how an attacker could push code to the CodeQL Actions GitHub repository and modify CodeQL’s trusted tags to gain access to private repositories using CodeQL.

The research highlights GitHub Actions secret exposure, race conditions, and third-party action abuse, leading to CVE-2025-24362.

While GitHub’s rapid response has fixed this vulnerability and found no evidence of exploitation, its existence underscores the importance of CI/CD security vigilance.

This webinar offers a comprehensive breakdown of this vulnerability, a walkthrough on how it was discovered, and a demo of how you can find similar vulnerabilities in the future.

Platform

Penetration Testing Services

Advanced Offensive Security

Managed Services

Customer Case Studies

Resources

Use Cases

About Praetorian

Join Praetorian

Platform

Penetration Testing Services

Advanced Offensive Security

Managed Services

Customer Case Studies

Resources

Use Cases

About Praetorian

Join Praetorian

Unpacking CodeQLEAKED

A Potential Supply Chain Attack on GitHub CodeQL

Continuous Threat Exposure Management

Professional Services

Use Cases

Company

Subscribe to our Newsletter