The pull request A threat actor was able to exploit an inappropriately scoped GitHub token in the managed AWS CodeBuild development tool, and with that, commit malicious code into the extension's ...