この記事は日本語でも投稿されています: https://blog.ryotak.net/post/homebrew-security-incident/ (もし日本語が読める場合、筆者は英語がそこまで得意ではないため、日本語の記事を読むことをお勧めします。) (Official blog post about this incident is available here: https://brew.sh/2021/04/21/security-incident-disclosure/) Preface Homebrew project is running a “Vulnerability Disclosure Program” on HackerOne, which allows hackers to...| blog.ryotak.net
On 18th April 2021, a security researcher identified a vulnerability in our review-cask-pr GitHub Action used on the homebrew-cask and all homebrew-cask-* taps (non-default repositories) in the Homebrew organization and reported it on our HackerOne.| Homebrew