{"id":38081,"date":"2020-11-03T14:36:57","date_gmt":"2020-11-03T14:36:57","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/31722\/Google-Stands-Firm-Against-GitHubs-Failure-To-Address-High-Severity-Security-Bug.html"},"modified":"2020-11-03T14:36:57","modified_gmt":"2020-11-03T14:36:57","slug":"google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug\/","title":{"rendered":"Google Stands Firm Against GitHub&#8217;s Failure To Address High Severity Security Bug"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/zdnet2.cbsistatic.com\/hub\/i\/r\/2020\/11\/03\/ae5b53ee-0ef6-4b69-a6bb-772753de1bc8\/thumbnail\/770x578\/743a6a3ff4fa63138d9caf7dbf1fd1d6\/developeristock-917697144a.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>Google Project Zero, the Google security team that finds bugs in all popular software, has disclosed what it classes a high-severity flaw on GitHub after the code-hosting site asked for a double extension on the normal 90-day disclosure deadline.<\/p>\n<p>The bug in GitHub&#8217;s Actions feature \u2013 a developer workflow automation tool \u2013 has become one of the rare vulnerabilities that wasn&#8217;t properly fixed before Google Project Zero&#8217;s (GPZ) standard 90-day deadline expired. Over 95.8% of flaws are fixed within the deadline, <a href=\"https:\/\/www.zdnet.com\/article\/google-project-zero-95-8-of-all-bug-reports-are-fixed-before-deadline-expires\/\">according to Google&#8217;s hackers<\/a>. &nbsp; &nbsp;<\/p>\n<p>GPZ is known to be generally strict with its 90-day deadline, but it appears GitHub was a little lax in its responses as the deadline approached after Google gave it every chance to fix the bug.<\/p>\n<p><strong>SEE: <\/strong><a href=\"https:\/\/www.techrepublic.com\/resource-library\/whitepapers\/virtual-hiring-tips-for-job-seekers-and-recruiters-free-pdf\/\" target=\"_blank\" rel=\"noopener noreferrer\" data-component=\"externalLink\"><strong>Virtual hiring tips for job seekers and recruiters (free PDF)<\/strong><\/a><strong> (TechRepublic)<\/strong><\/p>\n<p>As <a href=\"https:\/\/bugs.chromium.org\/p\/project-zero\/issues\/detail?id=2070&amp;can=2&amp;q=&amp;colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Summary&amp;cells=ids\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">detailed in a disclosure timeline by GPZ&#8217;s Felix Wilhelm<\/a>, the Google security team reported the issue to GitHub&#8217;s security on July 21 and a disclosure date was set for October 18.&nbsp;<\/p>\n<p>According to Wilhelm, Actions&#8217; workflow commands are &#8220;highly vulnerable to injection attacks&#8221;.<\/p>\n<p>&#8220;As the runner process parses every line printed to STDOUT looking for workflow commands, every GitHub action that prints untrusted content as part of its execution is vulnerable. In most cases, the ability to set arbitrary environment variables results in remote code execution as soon as another workflow is executed,&#8221; wrote Wilhelm.&nbsp;<\/p>\n<section class=\"sharethrough-top\" data-component=\"medusaContentRecommendation\" data-medusa-content-recommendation-options=\"{&quot;promo&quot;:&quot;promo_zd_recommendation_sharethrough_top_in_article_desktop&quot;,&quot;spot&quot;:&quot;dfp-in-article&quot;}\"> <\/section>\n<p>&#8220;I&#8217;ve spent some time looking at popular GitHub repositories and almost any project with somewhat complex GitHub actions is vulnerable to this bug class.&#8221;<\/p>\n<p>GitHub issued <a href=\"https:\/\/github.blog\/changelog\/2020-10-01-github-actions-deprecating-set-env-and-add-path-commands\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">an advisory on October 1<\/a> and deprecated the vulnerable commands, but argued that what Wilhelm had found was in fact a &#8220;moderate security vulnerability&#8221;. GitHub assigned the bug the tracking identifier CVE-2020-15228. &nbsp;<\/p>\n<p>On October 12, GPZ contacted GitHub and proactively offered it a 14-day grace period if GitHub wanted more time to disable the vulnerable commands, according to Wilhelm.&nbsp;<\/p>\n<p>GitHub then took up the offer of a grace period, and per Wilhelm, it hoped to disable the vulnerable commands after October 19. GPZ then set the new disclosure date to November 2.&nbsp;<\/p>\n<p>Then on October 28, GPZ alerted GitHub that the deadline was expiring the following week but got no response.&nbsp;<\/p>\n<p>Due to lack of official response from GitHub, Project Zero contacted informal GitHub contacts who said &#8220;the issue is considered fixed and that [GPZ] are clear to go public on 2020-11-02 as planned&#8221;, explained Wilhelm.&nbsp;<\/p>\n<p><strong>SEE: <\/strong><a href=\"https:\/\/www.zdnet.com\/article\/these-10-tech-predictions-could-mean-huge-changes-ahead\/\"><strong>10 tech predictions that could mean huge changes ahead<\/strong><\/a><\/p>\n<p>But then a day before deadline, GitHub gave its official response and requested a further two days to notify customers of a fix at a future date.&nbsp;<\/p>\n<p>&#8220;GitHub responds and mentions that they won&#8217;t be disabling the vulnerable commands by 2020-11-02. They request an additional 48 hours, not to fix the issue, but to notify customers and determine a &#8216;hard date&#8217; at some point in the future,&#8221; wrote Wilhelm.&nbsp;<\/p>\n<p>So GPZ on Monday proceeded to disclose the bug it reported because it can&#8217;t, as per its policy, offer an extension beyond the 104 days \u2013 90 days plus 14 days&#8217; grace.&nbsp;<\/p>\n<p>&#8220;Grace periods will not be granted for vulnerabilities that are expected to take longer than 104 days to fix,&#8221; <a href=\"https:\/\/googleprojectzero.blogspot.com\/2020\/01\/policy-and-disclosure-2020-edition.html\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">Google Project Zero states on its 2020 disclosure policy<\/a>.&nbsp;<\/p>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/31722\/Google-Stands-Firm-Against-GitHubs-Failure-To-Address-High-Severity-Security-Bug.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":38082,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[9029],"class_list":["post-38081","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlinemicrosoftflawgoogle"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Google Stands Firm Against GitHub&#039;s Failure To Address High Severity Security Bug 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Google Stands Firm Against GitHub&#039;s Failure To Address High Severity Security Bug 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-11-03T14:36:57+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/11\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"770\" \/>\n\t<meta property=\"og:image:height\" content=\"578\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Google Stands Firm Against GitHub&#8217;s Failure To Address High Severity Security Bug\",\"datePublished\":\"2020-11-03T14:36:57+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug\/\"},\"wordCount\":563,\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/11\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug.jpg\",\"keywords\":[\"headline,microsoft,flaw,google\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug\/\",\"name\":\"Google Stands Firm Against GitHub's Failure To Address High Severity Security Bug 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/11\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug.jpg\",\"datePublished\":\"2020-11-03T14:36:57+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.threatshub.org\/blog\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug\/#primaryimage\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/11\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/11\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug.jpg\",\"width\":770,\"height\":578},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.threatshub.org\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,microsoft,flaw,google\",\"item\":\"https:\/\/www.threatshub.org\/blog\/tag\/headlinemicrosoftflawgoogle\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Google Stands Firm Against GitHub&#8217;s Failure To Address High Severity Security Bug\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Google Stands Firm Against GitHub's Failure To Address High Severity Security Bug 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug\/","og_locale":"en_US","og_type":"article","og_title":"Google Stands Firm Against GitHub's Failure To Address High Severity Security Bug 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-11-03T14:36:57+00:00","og_image":[{"width":770,"height":578,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/11\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Google Stands Firm Against GitHub&#8217;s Failure To Address High Severity Security Bug","datePublished":"2020-11-03T14:36:57+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug\/"},"wordCount":563,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/11\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug.jpg","keywords":["headline,microsoft,flaw,google"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug\/","url":"https:\/\/www.threatshub.org\/blog\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug\/","name":"Google Stands Firm Against GitHub's Failure To Address High Severity Security Bug 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/11\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug.jpg","datePublished":"2020-11-03T14:36:57+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/11\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/11\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug.jpg","width":770,"height":578},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/google-stands-firm-against-githubs-failure-to-address-high-severity-security-bug\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,microsoft,flaw,google","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinemicrosoftflawgoogle\/"},{"@type":"ListItem","position":3,"name":"Google Stands Firm Against GitHub&#8217;s Failure To Address High Severity Security Bug"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/38081","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=38081"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/38081\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/38082"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=38081"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=38081"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=38081"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}