🔄 GitHub Actions - buckman · Scour

Living Off the Pipeline: Defending Against CI/CD Subversion 💥Exploit Dev

sentinelone.com·5d

Pullfrog 📁Dotfiles

pullfrog.com·14h

How We Got a CISA GitHub Leak Taken Down in Under a Day 🔓Vulnerability Research

blog.gitguardian.com·1d·Hacker News

Awesome Repo ⚙️AI Automation

github.com·20h·r/GithubCopilot

Homelab for DevOps experience? 🏠Homelab

lemmy.world·6d

Anthropic Introduces Routines for Claude Code Automation ⚙️AI Automation

Grafana breach caused by missed token rotation after TanStack attack 🎭Delegation Attacks

bleepingcomputer.com·11h

Trusted Publishing for NPM Packages 📦Package Managers

docs.npmjs.com·1d·Hacker News

Grafana GitHub Breach Exposes Source Code via TanStack npm Attack 🛡️OWASP

thehackernews.com·22h

Grafana Labs security update: Latest on TanStack npm supply chain ransomware incident 🔗Supply Chain Attacks

grafana.com·23h·Lobsters, Hacker News

asamarts/alint: Language-agnostic linter for repository structure, files, and content 🔍Binary Diffing

github.com·1d·Hacker News

Your CI/CD Pipeline Has Non-Human Identities You Forgot About 🔄CI/CD

Building Middleman using GitHub Actions 🐙GitHub

evantravers.com·1d

America's top cyber-defense agency left a GitHub repo open with with passwords, keys, tokens – and incredibly obvious filenames 🛡️OWASP

theregister.com·1d

Grafana Labs refuses ransom after hackers steal already-open-source code 🔓Hacking

thenextweb.com·2d

GitHub Actions Supply Chain Attack Redirects Tags to Steal CI/CD Credentials 📦Dependency Confusion

thehackernews.com·1d

KimlikDAO/EvmScript: An EVM language embedded in TypeScript: write, test and deploy EVM programs from TypeScript 🖥️Bytecode VMs

github.com·1d·Hacker News

Why Claude Code AutoFix Can’t Fix Flaky Tests 🔍Binary Diffing

·2d·DEV

Spec-Driven Development with math-glyph compression 🔍Static Analysis

github.com·2d·Hacker News

TanStack Details Sophisticated npm Supply Chain Attack That Compromised 42 Packages 📦Dependency Confusion

Log in to enable infinite scrolling