Categories

Subscribe to Feed

Latest Posts

Showing 0 Items

Suspicious Tag Movement in AWS’s GitHub Action: What Happened and Why It Matters

How an AWS release rollback triggered the same red flags as a supply chain attack — and why treating every tag movement as suspicious is key to protecting your CI/CD pipelines

When 'Changed Files' Changed Everything: Our Black Hat 2025 Presentation on the tj-actions Supply Chain Breach

We reveal how baseline-driven monitoring caught one of 2025's most consequential CI/CD supply chain attacks, exposing the vulnerability of 23,000+ repositories including those from GitHub, Meta, and Microsoft.

8 GitHub Actions Secrets Management Best Practices to Follow

Explore how to use GitHub Actions secrets securely by restricting organizational secrets, using secrets exclusively for sensitive data, and implementing least privileged access.

Lessons from AWS CodeBuild’s Memory-Dump Incident (CVE-2025-8217)

How threat actors exploited AWS CodeBuild pipelines by stealing secrets from CI/CD memory—and the proactive defenses organizations can deploy to detect, respond to, and prevent such attacks.

Supply Chain Security Alert: num2words PyPI Package Shows Signs of Compromise

Popular Python Package num2words v0.5.15 Published Without Repository Tag, Linked to Known Threat Actor

Another npm Supply Chain Attack: The 'is' Package Compromise

npm 'is' package versions 3.3.1 and 5.0.0 compromised - critical utility with millions of weekly downloads falls victim to expanding phishing campaign

anthropics/claude-code-action Security: How to Secure Claude Code in GitHub Actions with Harden-Runner

Unlike GitHub Copilot's built-in network firewall, anthropics/claude-code-action GitHub action operates in GitHub Actions without network restrictions by default. Complete guide to implementing Claude Code in GitHub Actions with runtime security monitoring using Harden-Runner.

There are no blog posts matching your criteria at this time.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.