ci-cd
26 articles with this tag
HIGH - GitHub Actions abused by Megalodon attack to slip malicious commits into 5,500 repos
HIGH - Megalodon chums the waters in 5.5K+ GitHub repo poisonings
CRITICAL - Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows
HIGH - GitHub Actions Cache Poisoning is eating open source
HIGH - Grafana Labs Says Code Breach Stemmed from TanStack Attack
HIGH - Mini Shai Hulud: Compromised @antv npm packages enable CI/CD credential theft
HIGH - Analyzing TeamPCP’s Supply Chain Attacks: Checkmarx KICS and elementary-data in CI/CD Credential Theft
HIGH - Trusted by default: The npm attack pattern security teams miss
HIGH - Mini Shai-Hulud Hits TanStack npm Packages
INFO - Build Application Firewalls Aim to Stop the Next Supply Chain Attack
INFO - Securing CI/CD for an open source project: lessons from Cilium
HIGH - [NEW] [high] Jenkins Plugins: Multiple Vulnerabilities
HIGH - SAP npm package attack highlights risks in developer tools and CI/CD pipelines
CRITICAL - CI/CD pipeline abuse: the problem no one is watching
HIGH - Week in review: Claude Mythos finds 271 Firefox flaws, Vercel breach
HIGH - Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain ...
MEDIUM - SmokedMeat: Open-source tool shows what attackers do inside CI/CD pipelines
INFO - SmokedMeat: Open-source tool shows what attackers do inside CI/CD pipelines
HIGH - How a Poisoned Security Scanner Became the Key to Backdooring LiteLLM
CRITICAL - ⚡ Weekly Recap: CI/CD Backdoor, FBI Buys Location Data, WhatsApp Ditches Numbers & More
INFO - Plumber: Open-source scanner of GitLab CI/CD pipelines for compliance gaps
CRITICAL - Trivy vulnerability scanner backdoored with credential stealer in supply chain attack
HIGH - Trivy Under Attack Again: Widespread GitHub Actions Tag Compromise Exposes CI/CD Secrets Attackers
HIGH - From Scanner to Stealer: Inside the trivy-action Supply Chain Compromise
HIGH - Jenkins Multiple Vulnerabilities
MEDIUM - NCSC-2026-0093 [1.00] [M/H] Vulnerabilities fixed in GitLab