Tag: CI/CD Security

Security researchers have uncovered malicious npm packages linked to North Korea that impersonate Rollup polyfill tools to deliver remote access malware and steal developer credentials and sensitive data.

Security researchers have disclosed seven vulnerabilities in the FatFs filesystem library used in embedded devices, exposing risks across IoT systems including cameras, drones, industrial controllers, and more.

Claude Code GitHub Action Flaw Exposed Public Repositories To Repository Hijacking Risks

A security flaw in Anthropic’s Claude Code GitHub Action allowed attackers to potentially hijack public repositories through a single malicious GitHub issue.

Miasma Supply Chain Attack Compromises Red Hat npm Packages To Steal Credentials And Spread Self-Propagating Malware

A new supply chain attack called Miasma has compromised Red Hat npm packages to steal credentials, target CI/CD environments, and deploy a self-propagating malware campaign affecting developers and cloud systems.

Compromised GitHub Action Tags Used To Steal CI/CD Credentials In Software Supply Chain Attack

Threat actors compromised popular GitHub Actions workflows to exfiltrate CI/CD credentials through malicious code, raising concerns around software supply chain security and GitHub repository integrity.
