{"id":40611,"date":"2021-04-26T14:08:22","date_gmt":"2021-04-26T14:08:22","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/32231\/Homebrew-Fixes-Cask-Repo-GitHub-Actions-Bug-That-Would-Have-Let-Anyone-Sneak-Malicious-Code-Onto-Machines.html"},"modified":"2021-04-26T14:08:22","modified_gmt":"2021-04-26T14:08:22","slug":"homebrew-fixes-cask-repo-github-actions-bug-that-would-have-let-anyone-sneak-malicious-code-onto-machines","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/homebrew-fixes-cask-repo-github-actions-bug-that-would-have-let-anyone-sneak-malicious-code-onto-machines\/","title":{"rendered":"Homebrew Fixes Cask Repo GitHub Actions Bug That Would Have Let Anyone Sneak Malicious Code Onto Machines"},"content":{"rendered":"<p><span data-label=\"in brief\">In Brief<\/span> The Homebrew package manager for macOS and Linux has fixed an issue that could have been exploited by miscreants to run malicious code on people&#8217;s computers.<\/p>\n<p>Specifically, the project&#8217;s GitHub Actions setup could have been abused to sneak arbitrary Ruby code into its <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/github.com\/Homebrew\/homebrew-cask\">Cask<\/a> repositories, security researcher RyotaK <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/blog.ryotak.me\/post\/homebrew-security-incident-en\/\">discovered and disclosed<\/a> via HackerOne.<\/p>\n<p>The infosec bod found it was possible to merge a &#8220;malicious pull request by confusing the library that is used in the automated pull request review script developed by the Homebrew project. By abusing it, an attacker could execute arbitrary Ruby codes on users&#8217; machines.&#8221;<\/p>\n<p>According to the Homebrew folks, the vulnerability was <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/github.com\/Homebrew\/homebrew-cask\/pull\/104191\">exploited<\/a> in a harmless proof-of-code test by RyotaK, with permission and reversed \u2013 and the hole was addressed.<\/p>\n<p>&#8220;The vulnerable review-cask-pr GitHub Action has been disabled and removed from all repositories,&#8221; the project&#8217;s Markus Reiter said in <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/brew.sh\/2021\/04\/21\/security-incident-disclosure\/\">an advisory<\/a> this week.<\/p>\n<p>&#8220;We have removed the ability for our bots to commit to homebrew\/cask* repositories,&#8221; he added, among other listed mitigations.<\/p>\n<p>A lesson to be learned for anyone writing and deploying GitHub Actions scripts.<\/p>\n<h3 class=\"crosshead\"> <span>Uncle Sam better late than never with anti-ransomware pledge<\/span><br \/>\n<\/h3>\n<p>The US government has signaled it intends to get tough on ransomware, saying it has to &#8220;break the cycle&#8221; of payoffs that lead to more infections and extortion.<\/p>\n<p>Uncle Sam&#8217;s newly formed Ransomware and Digital Extortion Task Force will &#8220;bring all of the [Department of Justice&#8217;s] resources to bear to bolster our all-tools approach and work with our partners here and abroad to combat the threat of ransomware and digital extortion, and to ensure that we hold those who participate in the propagation of these crimes responsible and accountable,&#8221; according to a <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/www.wsj.com\/articles\/ransomware-targeted-by-new-justice-department-task-force-11619014158\">leaked memo<\/a> from Acting Deputy Attorney General John Carlin.<\/p>\n<p>\u201cWhen criminals target critical infrastructure such as hospitals, utilities, and municipal networks, their activity jeopardizes the safety and health of Americans.\u201d<\/p>\n<p>Carlin&#8217;s note gets to the crux of the matter: paying off file-scrambling criminals doesn&#8217;t work in the long run. This also comes after businesses have received <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2019\/10\/03\/fbi_softens_stance_on_ransomware\/\" rel=\"noopener noreferrer\">mixed<\/a> <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2020\/08\/06\/ncsc_cyber_insurance_guidance\/\" rel=\"noopener noreferrer\">messages<\/a> on how to handle ransomware infections from the US and UK governments.<\/p>\n<p>Maybe we&#8217;ll get some action on a crimeware epidemic that&#8217;s upending lives and sucking money out of the global economy. 
We note that America&#8217;s task force seems more built around the prosecution of the malware&#8217;s makers than securing networks, software, and people from extortion in the first place, which is the long-term hard problem to solve&#8230; if that&#8217;s even possible.<\/p>\n<h3 class=\"crosshead\"> <span>Mozilla fixes HTTPS spoofing issue<\/span><br \/>\n<\/h3>\n<p>Firefox 88 <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/www.mozilla.org\/en-US\/firefox\/88.0\/releasenotes\/\">is out<\/a> and within the code is a fix for an HTTPS spoofing flaw. The issue, <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/www.rapid7.com\/db\/vulnerabilities\/mfsa2021-16-cve-2021-23998\/\">CVE-2021-23998<\/a>, could be exploited by a plain-text HTTP page to appear to be HTTPS-protected by showing the familiar padlock in the address bar.<\/p>\n<p>In all, six high-severity bugs were fixed in the update, and a host of lesser ones. Other changes include disabling FTP support, and isolating window.name data to block some cross-site privacy leaks.<\/p>\n<h3 class=\"crosshead\"> <span>Aircraft booking biz hit by malware<\/span><br \/>\n<\/h3>\n<p>Not that many people are flying these days, and times just got a little tougher for flight-booking software provider Radixx, which has been hit by a malware infection.<\/p>\n<p>The offshoot of SABRE, the booking system developed for American Airlines in the 1950s that grew to control how and when most of us fly, was <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/apnews.com\/article\/airlines-malware-technology-business-b523dc031e06207f63a15094c01d8e25\">knocked offline<\/a> in a multi-day outage by the software nasty, affecting about 20 low-cost airlines globally. 
SABRE&#8217;s core systems haven&#8217;t been harmed.<\/p>\n<p>&#8220;Radixx Res has experienced an event impacting its Radixx reservation system,&#8221; <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/www.radixx.com\/news\/radixx-announces-security-incident-impacting-radixx-res\/\">it said<\/a> on Thursday. &#8220;The company is in the process of restoring service to the approximately 20 Radixx airline customers affected by this event.&#8221; \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/32231\/Homebrew-Fixes-Cask-Repo-GitHub-Actions-Bug-That-Would-Have-Let-Anyone-Sneak-Malicious-Code-Onto-Machines.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[4207],"class_list":["post-40611","post","type-post","status-publish","format-standard","hentry","category-cybersecurity-blogs","tag-headlinehackerbackdoor"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Homebrew Fixes Cask Repo GitHub Actions Bug That Would Have Let Anyone Sneak Malicious Code Onto Machines 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 
100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n","_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/40611","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=40611"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/40611\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=40611"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=40611"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=40611"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}