{"id":86364,"date":"2026-07-07T16:32:00","date_gmt":"2026-07-07T13:32:00","guid":{"rendered":"https:\/\/www.indir.com\/haber\/?p=86364"},"modified":"2026-07-07T12:34:24","modified_gmt":"2026-07-07T09:34:24","slug":"kasperskyden-kritik-siber-uyari","status":"publish","type":"post","link":"https:\/\/www.indir.com\/haber\/kasperskyden-kritik-siber-uyari\/","title":{"rendered":"Kaspersky&#8217;den Kritik Siber Uyar\u0131"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">Siber g\u00fcvenlik \u00f6nlemleri Kaspersky, yaz\u0131l\u0131m \u00fcretim d\u00f6ng\u00fclerinde s\u0131k s\u0131k ba\u015fvurulan GitHub Actions i\u015f ak\u0131\u015flar\u0131n\u0131 paketten alan gizli bir insanlardan insanlarla halkla payla\u015f\u0131l\u0131yor. Ger\u00e7ekle\u015ftirilen taramalarda , sevilen a\u00e7\u0131k projelerde \u00e7eyrek milyonu a\u015fk\u0131n potansiyel g\u00fcvenlik a\u00e7\u0131klar\u0131 mevcutken, y\u00fcksek risk bar\u0131nd\u0131rma oranlar\u0131 \u00e7al\u0131\u015f\u0131r durumdayken sekiz farkl\u0131 depo da kay\u0131tlara ge\u00e7ti. Elde edilen bu sonu\u00e7ta , yaz\u0131l\u0131m tedarik zincirini hedef alan sald\u0131r\u0131lar\u0131n ne denli ciddi bir tehlike te\u015fkil etti\u011fi bir kez daha do\u011frulanm\u0131\u015f oldu.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"409\" height=\"349\" src=\"http:\/\/www.indir.com\/haber\/wp-content\/uploads\/2026\/07\/1_tr.png\" alt=\"30 Bin Depo ve 130 Binden Fazla \u0130\u015f Ak\u0131\u015f\u0131 Analiz Edildi\" class=\"wp-image-86372\" title=\"\"><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">\u00c7ok Fazla Kullan\u0131c\u0131 Analiz Edildi<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Kaspersky&#8217;nin K\u00fcresel Ara\u015ft\u0131rma ve Analiz Ekibi (GReAT), GitHub \u00fczerindeki en y\u00fcksek y\u0131ld\u0131z noktas\u0131ndan 30 bin depoda yer alan 130 bin a\u015fk\u0131n GitHub Actions i\u015f art\u0131\u015flar\u0131n\u0131 inceledi. Konteyner s\u0131n\u0131rlama G\u00fcvenlik sistemi dahil edilen orijinal tarama kriterlerinin \u00f6l\u00e7\u00fcld\u00fc\u011f\u00fc, s\u00fcrekli entegrasyon ve s\u00fcrekli teslimat (CI\/CD) mekanizmalar\u0131nda 250 binden fazla olas\u0131 ar\u0131za hatas\u0131na rastland\u0131. G\u00f6zlemlenen depolar\u0131n yaln\u0131zca y\u00fczde 10 civar\u0131ndaki b\u00f6l\u00fcm\u00fcnde herhangi bir g\u00fcvenlik verilip verilmedi\u011fi ifade edilirken, incelemeye dahil edilen di\u011fer t\u00fcm b\u00f6l\u00fcmlerde farkl\u0131 derecelerde riskin mevcut oldu\u011fu vurguland\u0131.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">En \u00d6nemli Risk Fakt\u00f6r\u00fc Hatal\u0131 Yap\u0131land\u0131rmalar<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Ara\u015ft\u0131rma sonu\u00e7lar\u0131na g\u00f6re, g\u00fcvenlikle ilgili talimatlar en kronik sorunlar aras\u0131nda a\u015f\u0131r\u0131 geni\u015f eri\u015fim yetkilendirmeleri, \u00f6zg\u00fcrl\u00fcklerin belirli s\u00fcr\u00fcmlere sabitlenmemi\u015f olmas\u0131 ve i\u015f kay\u0131tlar\u0131ndaki eksiklikler ba\u015f\u0131 \u00e7ekiyor. Nadir g\u00f6r\u00fclmesine ra\u011fmen daha tehlikeli kabul edilen durumlar aras\u0131nda ise hassas kay\u0131tl\u0131 \u015fifrelenmeden kopma, g\u00fcvensiz \u00e7al\u0131\u015fma ortamlar\u0131 ve d\u0131\u015f kaynakl\u0131 kay\u0131ttan yeterli denetimden ge\u00e7irilmeden sistem bulundurulmas\u0131 bulunuyor. Bu t\u00fcr zaaflar, k\u00f6t\u00fc niyetli ki\u015filerin geli\u015fmesi, evrelerine zararl\u0131 yaz\u0131l\u0131mlar\u0131n s\u0131zd\u0131r\u0131lmas\u0131na veya hassas sistemlere giri\u015f yap\u0131lmas\u0131na imkan tan\u0131yabiliyor.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"596\" height=\"335\" src=\"http:\/\/www.indir.com\/haber\/wp-content\/uploads\/2026\/07\/images-3-2.jpg\" alt=\"Yaz\u0131l\u0131m Tedarik Zincirine Y\u00f6nelik Sald\u0131r\u0131lar Y\u00fckseli\u015fte\" class=\"wp-image-86373\" title=\"\"><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Yaz\u0131l\u0131m Tedarik Zincirine Y\u00f6nelik Sald\u0131r\u0131lar Y\u00fckseli\u015fte<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Kaspersky, ge\u00e7mi\u015fte vuku bulan yaz\u0131l\u0131m tedarik zinciri sald\u0131r\u0131lar\u0131n\u0131n, Bluetooth&#8217;tan ge\u00e7en risklerin ne kadar kritik bir seviyeye ula\u015ft\u0131\u011f\u0131n\u0131 g\u00f6zler \u00f6n\u00fcne serdi\u011fini savunuyor. \u00d6zellikle May\u0131s 2026 i\u00e7erisinde 170&#8217;i a\u015fk\u0131n npm ve PyPI paketini olumsuz etkileyen Mini Shai-Hulud sald\u0131r\u0131lar\u0131, GitHub Actions platformundaki g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131n nas\u0131l birer istismar kap\u0131s\u0131na d\u00f6n\u00fc\u015fme \u00f6zellikleriydi. Uzmanlar, yaz\u0131l\u0131mc\u0131lar\u0131n CI\/CD s\u00fcre\u00e7lerini d\u00fczenli olarak g\u00f6zden ge\u00e7irmelerini , eri\u015fim yetkilerini minimuma indirmelerinin ve g\u00fcvenlik \u00f6zellikleri g\u00fcncel k\u0131lmalar\u0131n\u0131n, olas\u0131 tehditlere kar\u015f\u0131 al\u0131nabilecek en koruyucu oldu\u011funu ifade ediyor.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Siber g\u00fcvenlik \u00f6nlemleri Kaspersky, yaz\u0131l\u0131m \u00fcretim d\u00f6ng\u00fclerinde s\u0131k s\u0131k ba\u015fvurulan GitHub Actions i\u015f ak\u0131\u015flar\u0131n\u0131 paketten alan gizli bir insanlardan insanlarla halkla payla\u015f\u0131l\u0131yor. Ger\u00e7ekle\u015ftirilen taramalarda , sevilen a\u00e7\u0131k projelerde \u00e7eyrek milyonu a\u015fk\u0131n potansiyel g\u00fcvenlik a\u00e7\u0131klar\u0131 mevcutken, y\u00fcksek risk bar\u0131nd\u0131rma oranlar\u0131 \u00e7al\u0131\u015f\u0131r durumdayken sekiz farkl\u0131 depo da kay\u0131tlara ge\u00e7ti. Elde edilen bu sonu\u00e7ta , yaz\u0131l\u0131m tedarik zincirini [&hellip;]<\/p>\n","protected":false},"author":96,"featured_media":86370,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[80,63,2241,108],"class_list":["post-86364","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-teknoloji","tag-android","tag-iphone","tag-kaspersky","tag-windows"],"_links":{"self":[{"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/posts\/86364","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/users\/96"}],"replies":[{"embeddable":true,"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/comments?post=86364"}],"version-history":[{"count":3,"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/posts\/86364\/revisions"}],"predecessor-version":[{"id":86376,"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/posts\/86364\/revisions\/86376"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/media\/86370"}],"wp:attachment":[{"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/media?parent=86364"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/categories?post=86364"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/tags?post=86364"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}