home.social
Sign in Create account

#devsecops — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #devsecops, aggregated by home.social.

  1. CVEDatabase.com @cvedatabase ·

    Security Tip: Static API keys are a major liability in modern infrastructure. 🛡️ To minimize risk, implement automated rotation and prioritize short-lived credentials (TTL). This ensures that even if a secret is leaked, its window of utility for an attacker is extremely narrow. Moving toward dynamic secrets management is a key step in hardening your environment. Stay updated at cvedatabase.com

    #infosec #cybersecurity #api #devsecops
  2. halil deniz @[email protected] ·

    Linux Security Auditing with Lynis

    In this article, I cover how to use Lynis for Linux security auditing, system hardening, and practical vulnerability assessment.

    🔗 denizhalil.com/2025/03/17/linu

    #CyberSecurity #LinuxSecurity #Lynis #SecurityAuditing #SystemHardening #BlueTeam #DevSecOps #InfoSec #Linux #ITSecurity #SecurityEngineering #DenizHalil

    #cybersecurity #linuxsecurity #lynis #securityauditing #systemhardening #blueteam
  3. halil deniz @[email protected] ·

    Linux Security Auditing with Lynis

    In this article, I cover how to use Lynis for Linux security auditing, system hardening, and practical vulnerability assessment.

    🔗 denizhalil.com/2025/03/17/linu

    #CyberSecurity #LinuxSecurity #Lynis #SecurityAuditing #SystemHardening #BlueTeam #DevSecOps #InfoSec #Linux #ITSecurity #SecurityEngineering #DenizHalil

    #denizhalil #securityengineering #itsecurity #linux #infosec #devsecops
  4. halil deniz @[email protected] ·

    Linux Security Auditing with Lynis

    In this article, I cover how to use Lynis for Linux security auditing, system hardening, and practical vulnerability assessment.

    🔗 denizhalil.com/2025/03/17/linu

    #CyberSecurity #LinuxSecurity #Lynis #SecurityAuditing #SystemHardening #BlueTeam #DevSecOps #InfoSec #Linux #ITSecurity #SecurityEngineering #DenizHalil

    #cybersecurity #linuxsecurity #lynis #securityauditing #systemhardening #blueteam
  5. Blog Lab @[email protected] ·

    🔐 Active Supply Chain Attack: Malicious node-ipc Versions Published to npm

    🔗 stepsecurity.io/blog/node-ipc-

    #Security #SupplyChain #DevSecOps

    #security #supplychain #devsecops
  6. Blog Lab @[email protected] ·

    🔐 Active Supply Chain Attack: Malicious node-ipc Versions Published to npm

    🔗 stepsecurity.io/blog/node-ipc-

    #Security #SupplyChain #DevSecOps

    #devsecops #supplychain #security
  7. Blog Lab @[email protected] ·

    🔐 Active Supply Chain Attack: Malicious node-ipc Versions Published to npm

    🔗 stepsecurity.io/blog/node-ipc-

    #Security #SupplyChain #DevSecOps

    #security #supplychain #devsecops
  8. Black Cat White Hat Security @[email protected] ·

    The Packet Punisher: The Hacker
    Can you neutralize the Hacker, or will he claim your network?

    #CyberSecurity #PowerShell #CFML #AI #Networking #SQL #Cloud #GRC #Gaming #Technology #Python #ZeroTrust #DevSecOps #FinOps #Programming

    Game Link: blackcatwhitehatsecurity.com/t

    #cybersecurity #powershell #cfml #ai #networking #sql
  9. Black Cat White Hat Security @[email protected] ·

    The Packet Punisher: The Hacker
    Can you neutralize the Hacker, or will he claim your network?

    #CyberSecurity #PowerShell #CFML #AI #Networking #SQL #Cloud #GRC #Gaming #Technology #Python #ZeroTrust #DevSecOps #FinOps #Programming

    Game Link: blackcatwhitehatsecurity.com/t

    #cybersecurity #powershell #cfml #ai #networking #sql
  10. Black Cat White Hat Security @[email protected] ·

    The Packet Punisher: The Hacker
    Can you neutralize the Hacker, or will he claim your network?

    #CyberSecurity #PowerShell #CFML #AI #Networking #SQL #Cloud #GRC #Gaming #Technology #Python #ZeroTrust #DevSecOps #FinOps #Programming

    Game Link: blackcatwhitehatsecurity.com/t

    #cybersecurity #powershell #cfml #ai #networking #sql
  11. Black Cat White Hat Security @[email protected] ·

    The Packet Punisher: The Hacker
    Can you neutralize the Hacker, or will he claim your network?

    #CyberSecurity #PowerShell #CFML #AI #Networking #SQL #Cloud #GRC #Gaming #Technology #Python #ZeroTrust #DevSecOps #FinOps #Programming

    Game Link: blackcatwhitehatsecurity.com/t

    #programming #finops #devsecops #zerotrust #python #technology
  12. Black Cat White Hat Security @[email protected] ·

    The Packet Punisher: The Hacker
    Can you neutralize the Hacker, or will he claim your network?

    #CyberSecurity #PowerShell #CFML #AI #Networking #SQL #Cloud #GRC #Gaming #Technology #Python #ZeroTrust #DevSecOps #FinOps #Programming

    Game Link: blackcatwhitehatsecurity.com/t

    #cybersecurity #powershell #cfml #ai #networking #sql
  13. Colin Watson @[email protected] ·

    Could something be skipping though the "customer interaction" points in your application?

    BOT3 from the OWASP Cornucopia Companion illustrates how automation at scale can be used on gambling sites to make bets fast & furiously, skipping past all the checks and balances, warnings, up-selling and regulatory information.

    Read the whole scenario at cornucopia.owasp.org/edition/c

    Details of new release at cornucopia.owasp.org/news/2026

    @owasp #appsec #devops #devsecops #threatmodelling #eop #owasp #cornucopia

    #appsec #devops #devsecops #threatmodelling #eop #owasp
  14. Colin Watson @[email protected] ·

    Could something be skipping though the "customer interaction" points in your application?

    BOT3 from the OWASP Cornucopia Companion illustrates how automation at scale can be used on gambling sites to make bets fast & furiously, skipping past all the checks and balances, warnings, up-selling and regulatory information.

    Read the whole scenario at cornucopia.owasp.org/edition/c

    Details of new release at cornucopia.owasp.org/news/2026

    @owasp #appsec #devops #devsecops #threatmodelling #eop #owasp #cornucopia

    #appsec #devops #devsecops #threatmodelling #eop #owasp
  15. Colin Watson @[email protected] ·

    Could something be skipping though the "customer interaction" points in your application?

    BOT3 from the OWASP Cornucopia Companion illustrates how automation at scale can be used on gambling sites to make bets fast & furiously, skipping past all the checks and balances, warnings, up-selling and regulatory information.

    Read the whole scenario at cornucopia.owasp.org/edition/c

    Details of new release at cornucopia.owasp.org/news/2026

    @owasp #appsec #devops #devsecops #threatmodelling #eop #owasp #cornucopia

    #appsec #devops #devsecops #threatmodelling #eop #owasp
  16. Colin Watson @[email protected] ·

    Could something be skipping though the "customer interaction" points in your application?

    BOT3 from the OWASP Cornucopia Companion illustrates how automation at scale can be used on gambling sites to make bets fast & furiously, skipping past all the checks and balances, warnings, up-selling and regulatory information.

    Read the whole scenario at cornucopia.owasp.org/edition/c

    Details of new release at cornucopia.owasp.org/news/2026

    @owasp #appsec #devops #devsecops #threatmodelling #eop #owasp #cornucopia

    #cornucopia #owasp #eop #threatmodelling #devsecops #devops
  17. Colin Watson @[email protected] ·

    Could something be skipping though the "customer interaction" points in your application?

    BOT3 from the OWASP Cornucopia Companion illustrates how automation at scale can be used on gambling sites to make bets fast & furiously, skipping past all the checks and balances, warnings, up-selling and regulatory information.

    Read the whole scenario at cornucopia.owasp.org/edition/c

    Details of new release at cornucopia.owasp.org/news/2026

    @owasp #appsec #devops #devsecops #threatmodelling #eop #owasp #cornucopia

    #appsec #devops #devsecops #threatmodelling #eop #owasp
  18. Black Cat White Hat Security @[email protected] ·

    The Game III: The Incinerator
    Legacy syntax is the only thing standing between you and the next level. Are your CF skills sharp enough or will you end up in the Incinerator?

    #CyberSecurity #PowerShell #CFML #AI #Networking #SQL #Cloud #GRC #Gaming #Technology #Python #ZeroTrust #DevSecOps #FinOps #Programming

    Game Link: blackcatwhitehatsecurity.com/t

    #cybersecurity #powershell #cfml #ai #networking #sql
  19. Black Cat White Hat Security @[email protected] ·

    The Game III: The Incinerator
    Legacy syntax is the only thing standing between you and the next level. Are your CF skills sharp enough or will you end up in the Incinerator?

    #CyberSecurity #PowerShell #CFML #AI #Networking #SQL #Cloud #GRC #Gaming #Technology #Python #ZeroTrust #DevSecOps #FinOps #Programming

    Game Link: blackcatwhitehatsecurity.com/t

    #cybersecurity #powershell #cfml #ai #networking #sql
  20. Black Cat White Hat Security @[email protected] ·

    The Game III: The Incinerator
    Legacy syntax is the only thing standing between you and the next level. Are your CF skills sharp enough or will you end up in the Incinerator?

    #CyberSecurity #PowerShell #CFML #AI #Networking #SQL #Cloud #GRC #Gaming #Technology #Python #ZeroTrust #DevSecOps #FinOps #Programming

    Game Link: blackcatwhitehatsecurity.com/t

    #cybersecurity #powershell #cfml #ai #networking #sql
  21. Black Cat White Hat Security @[email protected] ·

    The Game III: The Incinerator
    Legacy syntax is the only thing standing between you and the next level. Are your CF skills sharp enough or will you end up in the Incinerator?

    #CyberSecurity #PowerShell #CFML #AI #Networking #SQL #Cloud #GRC #Gaming #Technology #Python #ZeroTrust #DevSecOps #FinOps #Programming

    Game Link: blackcatwhitehatsecurity.com/t

    #programming #finops #devsecops #zerotrust #python #technology
  22. Black Cat White Hat Security @[email protected] ·

    The Game III: The Incinerator
    Legacy syntax is the only thing standing between you and the next level. Are your CF skills sharp enough or will you end up in the Incinerator?

    #CyberSecurity #PowerShell #CFML #AI #Networking #SQL #Cloud #GRC #Gaming #Technology #Python #ZeroTrust #DevSecOps #FinOps #Programming

    Game Link: blackcatwhitehatsecurity.com/t

    #cybersecurity #powershell #cfml #ai #networking #sql
  23. Niclas @[email protected] ·

    Does anyone know if there's an equivalent to "GitLab Components" in Forgejo?

    #forgejo #Gitlab #CICD #Devops #Devsecops

    #forgejo #gitlab #cicd #devops #devsecops
  24. github.com/ghostwriter @[email protected] ·

    🚨 Critical Composer Update: 2.9.8 & 2.2.28 fix a GitHub Actions token disclosure!

    ⚠️ Update NOW or disable GitHub Actions immediately!

    blog.packagist.com/composer-2-

    #PHP #Composer #ComposerPHP #OpenSource #WebDevelopment #GitHubActions #DevSecOps #CyberSecurity #SoftwareUpdate #PatchRelease #DependencyManagement #SecurityFix #Programming #Packagist #PHPDev #ComposerUpdate #OpenSourceSoftware #WebDevLife #InfoSec #SecurityPatch #CodeSmart #DependencyManagement #SoftwareSecurity #TechUpdate

    #php #composer #composerphp #opensource #webdevelopment #githubactions
  25. github.com/ghostwriter @[email protected] ·

    🚨 Critical Composer Update: 2.9.8 & 2.2.28 fix a GitHub Actions token disclosure!

    ⚠️ Update NOW or disable GitHub Actions immediately!

    blog.packagist.com/composer-2-

    #PHP #Composer #ComposerPHP #OpenSource #WebDevelopment #GitHubActions #DevSecOps #CyberSecurity #SoftwareUpdate #PatchRelease #DependencyManagement #SecurityFix #Programming #Packagist #PHPDev #ComposerUpdate #OpenSourceSoftware #WebDevLife #InfoSec #SecurityPatch #CodeSmart #DependencyManagement #SoftwareSecurity #TechUpdate

    #php #composer #composerphp #opensource #webdevelopment #githubactions
  26. github.com/ghostwriter @[email protected] ·

    🚨 Critical Composer Update: 2.9.8 & 2.2.28 fix a GitHub Actions token disclosure!

    ⚠️ Update NOW or disable GitHub Actions immediately!

    blog.packagist.com/composer-2-

    #PHP #Composer #ComposerPHP #OpenSource #WebDevelopment #GitHubActions #DevSecOps #CyberSecurity #SoftwareUpdate #PatchRelease #DependencyManagement #SecurityFix #Programming #Packagist #PHPDev #ComposerUpdate #OpenSourceSoftware #WebDevLife #InfoSec #SecurityPatch #CodeSmart #DependencyManagement #SoftwareSecurity #TechUpdate

    #php #composer #composerphp #opensource #webdevelopment #githubactions
  27. github.com/ghostwriter @[email protected] ·

    🚨 Critical Composer Update: 2.9.8 & 2.2.28 fix a GitHub Actions token disclosure!

    ⚠️ Update NOW or disable GitHub Actions immediately!

    blog.packagist.com/composer-2-

    #PHP #Composer #ComposerPHP #OpenSource #WebDevelopment #GitHubActions #DevSecOps #CyberSecurity #SoftwareUpdate #PatchRelease #DependencyManagement #SecurityFix #Programming #Packagist #PHPDev #ComposerUpdate #OpenSourceSoftware #WebDevLife #InfoSec #SecurityPatch #CodeSmart #DependencyManagement #SoftwareSecurity #TechUpdate

    #techupdate #softwaresecurity #codesmart #securitypatch #infosec #webdevlife
  28. github.com/ghostwriter @[email protected] ·

    🚨 Critical Composer Update: 2.9.8 & 2.2.28 fix a GitHub Actions token disclosure!

    ⚠️ Update NOW or disable GitHub Actions immediately!

    blog.packagist.com/composer-2-

    #PHP #Composer #ComposerPHP #OpenSource #WebDevelopment #GitHubActions #DevSecOps #CyberSecurity #SoftwareUpdate #PatchRelease #DependencyManagement #SecurityFix #Programming #Packagist #PHPDev #ComposerUpdate #OpenSourceSoftware #WebDevLife #InfoSec #SecurityPatch #CodeSmart #DependencyManagement #SoftwareSecurity #TechUpdate

    #php #composer #composerphp #opensource #webdevelopment #githubactions
  29. Habr @[email protected] ·

    Вы пустили ИИ-агента в репозиторий, теперь разбираемся, что он может сломать

    В феврале 2026 года Claude Cowork стирает 15 лет семейных фотографий одной командой. За полгода до этого, в августе 2025-го, случился кейс Nx supply chain: малварь впервые в истории использует локальные ИИ-CLI как инструмент разведки. В марте этого года Google Cloud Threat Horizons H1-2026 подтверждает: часть украденных в Nx токенов используется кампанией UNC6426 для перехода CI/CD → cloud admin через злоупотребление OIDC. 72 часа от первого коммита до админских прав в AWS. Всё это примеры того, что может происходить, когда у ИИ-агента есть руки и мы забываем, на чьей машине эти руки действуют. Данная статья предназначается для неравнодушных инженеров, AppSec, DevSecOps специалистов и всех тех, кто хоть раз запускал агента у себя на машине. Запрещать агентов в контуре бесполезно, отказываться от них самому глупо, но чем они так опасны? Сперва развеем туман неясности, построим модель угроз, собранную на реальных инцидентах и опубликованных CVE, а после будут конкретные рекомендации, как ограничить агента песочницей без ущерба для эффективности разработки. И как запускать --dangerously-skip-permissions без страха.

    habr.com/ru/companies/pt/artic

    #ИИагенты #безопасность #OWASP #supply_chain #Claude_Code #prompt_injection #DevSecOps

    #devsecops #prompt_injection #claude_code #supply_chain #owasp #безопасность
  30. Habr @[email protected] ·

    Вы пустили ИИ-агента в репозиторий, теперь разбираемся, что он может сломать

    В феврале 2026 года Claude Cowork стирает 15 лет семейных фотографий одной командой. За полгода до этого, в августе 2025-го, случился кейс Nx supply chain: малварь впервые в истории использует локальные ИИ-CLI как инструмент разведки. В марте этого года Google Cloud Threat Horizons H1-2026 подтверждает: часть украденных в Nx токенов используется кампанией UNC6426 для перехода CI/CD → cloud admin через злоупотребление OIDC. 72 часа от первого коммита до админских прав в AWS. Всё это примеры того, что может происходить, когда у ИИ-агента есть руки и мы забываем, на чьей машине эти руки действуют. Данная статья предназначается для неравнодушных инженеров, AppSec, DevSecOps специалистов и всех тех, кто хоть раз запускал агента у себя на машине. Запрещать агентов в контуре бесполезно, отказываться от них самому глупо, но чем они так опасны? Сперва развеем туман неясности, построим модель угроз, собранную на реальных инцидентах и опубликованных CVE, а после будут конкретные рекомендации, как ограничить агента песочницей без ущерба для эффективности разработки. И как запускать --dangerously-skip-permissions без страха.

    habr.com/ru/companies/pt/artic

    #ИИагенты #безопасность #OWASP #supply_chain #Claude_Code #prompt_injection #DevSecOps

    #devsecops #prompt_injection #claude_code #supply_chain #owasp #безопасность
  31. Habr @[email protected] ·

    Вы пустили ИИ-агента в репозиторий, теперь разбираемся, что он может сломать

    В феврале 2026 года Claude Cowork стирает 15 лет семейных фотографий одной командой. За полгода до этого, в августе 2025-го, случился кейс Nx supply chain: малварь впервые в истории использует локальные ИИ-CLI как инструмент разведки. В марте этого года Google Cloud Threat Horizons H1-2026 подтверждает: часть украденных в Nx токенов используется кампанией UNC6426 для перехода CI/CD → cloud admin через злоупотребление OIDC. 72 часа от первого коммита до админских прав в AWS. Всё это примеры того, что может происходить, когда у ИИ-агента есть руки и мы забываем, на чьей машине эти руки действуют. Данная статья предназначается для неравнодушных инженеров, AppSec, DevSecOps специалистов и всех тех, кто хоть раз запускал агента у себя на машине. Запрещать агентов в контуре бесполезно, отказываться от них самому глупо, но чем они так опасны? Сперва развеем туман неясности, построим модель угроз, собранную на реальных инцидентах и опубликованных CVE, а после будут конкретные рекомендации, как ограничить агента песочницей без ущерба для эффективности разработки. И как запускать --dangerously-skip-permissions без страха.

    habr.com/ru/companies/pt/artic

    #ИИагенты #безопасность #OWASP #supply_chain #Claude_Code #prompt_injection #DevSecOps

    #devsecops #prompt_injection #claude_code #supply_chain #owasp #безопасность
  32. Habr @[email protected] ·

    Вы пустили ИИ-агента в репозиторий, теперь разбираемся, что он может сломать

    В феврале 2026 года Claude Cowork стирает 15 лет семейных фотографий одной командой. За полгода до этого, в августе 2025-го, случился кейс Nx supply chain: малварь впервые в истории использует локальные ИИ-CLI как инструмент разведки. В марте этого года Google Cloud Threat Horizons H1-2026 подтверждает: часть украденных в Nx токенов используется кампанией UNC6426 для перехода CI/CD → cloud admin через злоупотребление OIDC. 72 часа от первого коммита до админских прав в AWS. Всё это примеры того, что может происходить, когда у ИИ-агента есть руки и мы забываем, на чьей машине эти руки действуют. Данная статья предназначается для неравнодушных инженеров, AppSec, DevSecOps специалистов и всех тех, кто хоть раз запускал агента у себя на машине. Запрещать агентов в контуре бесполезно, отказываться от них самому глупо, но чем они так опасны? Сперва развеем туман неясности, построим модель угроз, собранную на реальных инцидентах и опубликованных CVE, а после будут конкретные рекомендации, как ограничить агента песочницей без ущерба для эффективности разработки. И как запускать --dangerously-skip-permissions без страха.

    habr.com/ru/companies/pt/artic

    #ИИагенты #безопасность #OWASP #supply_chain #Claude_Code #prompt_injection #DevSecOps

    #ииагенты #безопасность #owasp #supply_chain #claude_code #prompt_injection
  33. CIDU — Cyber Intelligence & Defense Unit @[email protected] ·

    84 npm versions published by an attacker in 12 hours.
    Without stealing a single declared token.

    On May 11, an operator forked TanStack/router on GitHub, opened a Pull Request, and triggered a three-stage attack chain:

    → Misconfigured pull_request_target
    → Arbitrary code execution with internal privileges
    → Poisoned GitHub Actions cache → pivot into the release workflow
    → OIDC token extracted via /proc/mem on the runner
    → Publish under the org's legitimate identity

    Outcome: 42 packages compromised, 84 malicious versions live.
    External detection in 20 minutes (StepSecurity / carlini).
    TanStack's internal monitoring never saw the incident.

    Our full analysis: the attack chain, the Shai-Hulud / tj-actions lineage, and the defensive checklist (workflows, cache, OIDC, ephemeral runners).

    cidu.io/articles/tanstack-npm-

    #SupplyChain #Cybersecurity #npm #DevSecOps #ThreatIntel #GitHubActions #SOC

    #supplychain #cybersecurity #npm #devsecops #threatintel #githubactions
  34. CIDU — Cyber Intelligence & Defense Unit @[email protected] ·

    84 npm versions published by an attacker in 12 hours.
    Without stealing a single declared token.

    On May 11, an operator forked TanStack/router on GitHub, opened a Pull Request, and triggered a three-stage attack chain:

    → Misconfigured pull_request_target
    → Arbitrary code execution with internal privileges
    → Poisoned GitHub Actions cache → pivot into the release workflow
    → OIDC token extracted via /proc/mem on the runner
    → Publish under the org's legitimate identity

    Outcome: 42 packages compromised, 84 malicious versions live.
    External detection in 20 minutes (StepSecurity / carlini).
    TanStack's internal monitoring never saw the incident.

    Our full analysis: the attack chain, the Shai-Hulud / tj-actions lineage, and the defensive checklist (workflows, cache, OIDC, ephemeral runners).

    cidu.io/articles/tanstack-npm-

    #SupplyChain #Cybersecurity #npm #DevSecOps #ThreatIntel #GitHubActions #SOC

    #supplychain #cybersecurity #npm #devsecops #threatintel #githubactions
  35. CIDU — Cyber Intelligence & Defense Unit @[email protected] ·

    84 npm versions published by an attacker in 12 hours.
    Without stealing a single declared token.

    On May 11, an operator forked TanStack/router on GitHub, opened a Pull Request, and triggered a three-stage attack chain:

    → Misconfigured pull_request_target
    → Arbitrary code execution with internal privileges
    → Poisoned GitHub Actions cache → pivot into the release workflow
    → OIDC token extracted via /proc/mem on the runner
    → Publish under the org's legitimate identity

    Outcome: 42 packages compromised, 84 malicious versions live.
    External detection in 20 minutes (StepSecurity / carlini).
    TanStack's internal monitoring never saw the incident.

    Our full analysis: the attack chain, the Shai-Hulud / tj-actions lineage, and the defensive checklist (workflows, cache, OIDC, ephemeral runners).

    cidu.io/articles/tanstack-npm-

    #SupplyChain #Cybersecurity #npm #DevSecOps #ThreatIntel #GitHubActions #SOC

    #supplychain #cybersecurity #npm #devsecops #threatintel #githubactions
  36. CIDU — Cyber Intelligence & Defense Unit @[email protected] ·

    84 npm versions published by an attacker in 12 hours.
    Without stealing a single declared token.

    On May 11, an operator forked TanStack/router on GitHub, opened a Pull Request, and triggered a three-stage attack chain:

    → Misconfigured pull_request_target
    → Arbitrary code execution with internal privileges
    → Poisoned GitHub Actions cache → pivot into the release workflow
    → OIDC token extracted via /proc/mem on the runner
    → Publish under the org's legitimate identity

    Outcome: 42 packages compromised, 84 malicious versions live.
    External detection in 20 minutes (StepSecurity / carlini).
    TanStack's internal monitoring never saw the incident.

    Our full analysis: the attack chain, the Shai-Hulud / tj-actions lineage, and the defensive checklist (workflows, cache, OIDC, ephemeral runners).

    cidu.io/articles/tanstack-npm-

    #SupplyChain #Cybersecurity #npm #DevSecOps #ThreatIntel #GitHubActions #SOC

    #soc #githubactions #threatintel #devsecops #npm #cybersecurity
  37. CIDU — Cyber Intelligence & Defense Unit @[email protected] ·

    84 npm versions published by an attacker in 12 hours.
    Without stealing a single declared token.

    On May 11, an operator forked TanStack/router on GitHub, opened a Pull Request, and triggered a three-stage attack chain:

    → Misconfigured pull_request_target
    → Arbitrary code execution with internal privileges
    → Poisoned GitHub Actions cache → pivot into the release workflow
    → OIDC token extracted via /proc/mem on the runner
    → Publish under the org's legitimate identity

    Outcome: 42 packages compromised, 84 malicious versions live.
    External detection in 20 minutes (StepSecurity / carlini).
    TanStack's internal monitoring never saw the incident.

    Our full analysis: the attack chain, the Shai-Hulud / tj-actions lineage, and the defensive checklist (workflows, cache, OIDC, ephemeral runners).

    cidu.io/articles/tanstack-npm-

    #SupplyChain #Cybersecurity #npm #DevSecOps #ThreatIntel #GitHubActions #SOC

    #supplychain #cybersecurity #npm #devsecops #threatintel #githubactions
  38. github.com/ghostwriter @[email protected] ·

    wiz.io/blog/mini-shai-hulud-st
    #CyberSecurity #InfoSec #SupplyChainSecurity #SoftwareSupplyChain #NPM #OpenSourceSecurity #AppSec #DevSecOps #ThreatIntel #Malware #JavaScript #NodeJS #CICD #GitHubActions #CloudSecurity #TypeScript #ReactJS #WebDev #OpenSource #DevTools #SoftwareEngineering #DeveloperSecurity #SecureCoding #GitHub #SupplyChainAttack #Programming #TechNews #DevOps #ApplicationSecurity #ThreatResearch #SecurityEngineering #CyberAttack #Hackers #MalwareAlert #SecurityResearch #DevCommunity

    #cybersecurity #infosec #supplychainsecurity #softwaresupplychain #npm #opensourcesecurity
  39. github.com/ghostwriter @[email protected] ·

    wiz.io/blog/mini-shai-hulud-st
    #CyberSecurity #InfoSec #SupplyChainSecurity #SoftwareSupplyChain #NPM #OpenSourceSecurity #AppSec #DevSecOps #ThreatIntel #Malware #JavaScript #NodeJS #CICD #GitHubActions #CloudSecurity #TypeScript #ReactJS #WebDev #OpenSource #DevTools #SoftwareEngineering #DeveloperSecurity #SecureCoding #GitHub #SupplyChainAttack #Programming #TechNews #DevOps #ApplicationSecurity #ThreatResearch #SecurityEngineering #CyberAttack #Hackers #MalwareAlert #SecurityResearch #DevCommunity

    #cybersecurity #infosec #supplychainsecurity #softwaresupplychain #npm #opensourcesecurity
  40. github.com/ghostwriter @[email protected] ·

    wiz.io/blog/mini-shai-hulud-st
    #CyberSecurity #InfoSec #SupplyChainSecurity #SoftwareSupplyChain #NPM #OpenSourceSecurity #AppSec #DevSecOps #ThreatIntel #Malware #JavaScript #NodeJS #CICD #GitHubActions #CloudSecurity #TypeScript #ReactJS #WebDev #OpenSource #DevTools #SoftwareEngineering #DeveloperSecurity #SecureCoding #GitHub #SupplyChainAttack #Programming #TechNews #DevOps #ApplicationSecurity #ThreatResearch #SecurityEngineering #CyberAttack #Hackers #MalwareAlert #SecurityResearch #DevCommunity

    #cybersecurity #infosec #supplychainsecurity #softwaresupplychain #npm #opensourcesecurity
  41. github.com/ghostwriter @[email protected] ·

    wiz.io/blog/mini-shai-hulud-st
    #CyberSecurity #InfoSec #SupplyChainSecurity #SoftwareSupplyChain #NPM #OpenSourceSecurity #AppSec #DevSecOps #ThreatIntel #Malware #JavaScript #NodeJS #CICD #GitHubActions #CloudSecurity #TypeScript #ReactJS #WebDev #OpenSource #DevTools #SoftwareEngineering #DeveloperSecurity #SecureCoding #GitHub #SupplyChainAttack #Programming #TechNews #DevOps #ApplicationSecurity #ThreatResearch #SecurityEngineering #CyberAttack #Hackers #MalwareAlert #SecurityResearch #DevCommunity

    #devcommunity #securityresearch #malwarealert #hackers #cyberattack #securityengineering
  42. github.com/ghostwriter @[email protected] ·

    wiz.io/blog/mini-shai-hulud-st
    #CyberSecurity #InfoSec #SupplyChainSecurity #SoftwareSupplyChain #NPM #OpenSourceSecurity #AppSec #DevSecOps #ThreatIntel #Malware #JavaScript #NodeJS #CICD #GitHubActions #CloudSecurity #TypeScript #ReactJS #WebDev #OpenSource #DevTools #SoftwareEngineering #DeveloperSecurity #SecureCoding #GitHub #SupplyChainAttack #Programming #TechNews #DevOps #ApplicationSecurity #ThreatResearch #SecurityEngineering #CyberAttack #Hackers #MalwareAlert #SecurityResearch #DevCommunity

    #cybersecurity #infosec #supplychainsecurity #softwaresupplychain #npm #opensourcesecurity
  43. Black Cat White Hat Security @[email protected] ·

    The Game II: The Prison
    Can you escape from the Prison?

    #CyberSecurity #PowerShell #CFML #AI #Networking #SQL #Cloud #GRC #Gaming #Technology #Python #ZeroTrust #DevSecOps #FinOps #Programming

    Game Link: blackcatwhitehatsecurity.com/t

    #cybersecurity #powershell #cfml #ai #networking #sql
  44. Black Cat White Hat Security @[email protected] ·

    The Game II: The Prison
    Can you escape from the Prison?

    #CyberSecurity #PowerShell #CFML #AI #Networking #SQL #Cloud #GRC #Gaming #Technology #Python #ZeroTrust #DevSecOps #FinOps #Programming

    Game Link: blackcatwhitehatsecurity.com/t

    #cybersecurity #powershell #cfml #ai #networking #sql
  45. Black Cat White Hat Security @[email protected] ·

    The Game II: The Prison
    Can you escape from the Prison?

    #CyberSecurity #PowerShell #CFML #AI #Networking #SQL #Cloud #GRC #Gaming #Technology #Python #ZeroTrust #DevSecOps #FinOps #Programming

    Game Link: blackcatwhitehatsecurity.com/t

    #cybersecurity #powershell #cfml #ai #networking #sql
  46. Black Cat White Hat Security @[email protected] ·

    The Game II: The Prison
    Can you escape from the Prison?

    #CyberSecurity #PowerShell #CFML #AI #Networking #SQL #Cloud #GRC #Gaming #Technology #Python #ZeroTrust #DevSecOps #FinOps #Programming

    Game Link: blackcatwhitehatsecurity.com/t

    #programming #finops #devsecops #zerotrust #python #technology
  47. Black Cat White Hat Security @[email protected] ·

    The Game II: The Prison
    Can you escape from the Prison?

    #CyberSecurity #PowerShell #CFML #AI #Networking #SQL #Cloud #GRC #Gaming #Technology #Python #ZeroTrust #DevSecOps #FinOps #Programming

    Game Link: blackcatwhitehatsecurity.com/t

    #cybersecurity #powershell #cfml #ai #networking #sql
  48. Black Cat White Hat Security @[email protected] ·

    The Game: The Archivist
    Who is the Archivist and what are his plans?

    #CyberSecurity #PowerShell #CFML #AI #Networking #SQL #Cloud #GRC #Gaming #Technology #Python #ZeroTrust #DevSecOps #FinOps #Programming

    Game Link: blackcatwhitehatsecurity.com/t

    #cybersecurity #powershell #cfml #ai #networking #sql
  49. Black Cat White Hat Security @[email protected] ·

    The Game: The Archivist
    Who is the Archivist and what are his plans?

    #CyberSecurity #PowerShell #CFML #AI #Networking #SQL #Cloud #GRC #Gaming #Technology #Python #ZeroTrust #DevSecOps #FinOps #Programming

    Game Link: blackcatwhitehatsecurity.com/t

    #cybersecurity #powershell #cfml #ai #networking #sql
  50. Black Cat White Hat Security @[email protected] ·

    The Game: The Archivist
    Who is the Archivist and what are his plans?

    #CyberSecurity #PowerShell #CFML #AI #Networking #SQL #Cloud #GRC #Gaming #Technology #Python #ZeroTrust #DevSecOps #FinOps #Programming

    Game Link: blackcatwhitehatsecurity.com/t

    #cybersecurity #powershell #cfml #ai #networking #sql