#cicd-credential-theft
#cicd-credential-theft

[ follow ]

Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack

A compromised NPM maintainer account published malicious package versions that triggered multi-stage credential theft and persistence across CI environments and developer tooling.

Information security

fromThe Hacker News

1 day ago

GitHub Actions Supply Chain Attack Redirects Tags to Steal CI/CD Credentials

Compromised GitHub Actions workflows use imposter commits to steal CI/CD credentials and exfiltrate them to attacker-controlled servers.

[ Load more ]

#cicd-credential-theft#cicd-credential-theft

Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack

GitHub Actions Supply Chain Attack Redirects Tags to Steal CI/CD Credentials

#cicd-credential-theft
#cicd-credential-theft