Skip to main content
Scour
Discover
Docs
Login
Sign Up
Discover
About
Docs
Changelog
You are offline. Trying to reconnect...
Copied to clipboard
Unable to share or copy to clipboard
Back to article
neciudan.dev
4w
4 weeks ago
https://neciudan.dev/github-actions-poisoning
(opens in new tab)
Covers
5 stories
See all stories this covers
including
Postmortem: TanStack NPM supply-chain compromise
Covered by
programming.dev
,
tldr.tech
Discussed on
r/netsec
,
r/node
, and
r/programming
Love
Like
Not for me
Save
|
|
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block
Add to your feed
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Covers 5 related stories
TanStack Blog
·
5w
5 weeks ago
Postmortem: TanStack NPM supply-chain compromise
Discussed on
Hacker News
,
Hacker News
,
Lobsters
,
r/netsec
,
r/programming
, and
DEV
Love
Like
Not for me
Save
Add to your feed
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for Postmortem: TanStack NPM supply-chain compromise
securitylab.github.com
·
254w
254 weeks ago
Keeping your GitHub Actions and workflows secure: Preventing pwn requests (2021)
Discussed on
Hacker News
Love
Like
Not for me
Save
Add to your feed
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for Keeping your GitHub Actions and workflows secure: Preventing pwn requests (2021)
docs.npmjs.com
·
40w
40 weeks ago
Trusted Publishing for NPM Packages
Discussed on
Hacker News
Love
Like
Not for me
Save
Add to your feed
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for Trusted Publishing for NPM Packages
stepsecurity.io
·
66w
66 weeks ago
Tj-actions/changed-files GitHub Action Compromised – used by over 23K repos
Discussed on
Hacker News
and
Lobsters
Love
Like
Not for me
Save
Add to your feed
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for Tj-actions/changed-files GitHub Action Compromised – used by over 23K repos
GitHub
·
75w
75 weeks ago
Zizmor – static analysis for GitHub Actions
Discussed on
Hacker News
Love
Like
Not for me
Save
Add to your feed
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for Zizmor – static analysis for GitHub Actions
Covered in 2 articles
programming.dev
·
5w
5 weeks ago
GitHub Actions Cache Poisoning is eating open source
Love
Like
Not for me
Save
Add to your feed
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for GitHub Actions Cache Poisoning is eating open source
tldr.tech
·
4w
4 weeks ago
Megalodon Hits 5.7K Repos 🦈, CanaryHunter Token Scan 🔍, Kimwolf Admin Arrested 🚨
Love
Like
Not for me
Save
Add to your feed
Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Actions for Megalodon Hits 5.7K Repos 🦈, CanaryHunter Token Scan 🔍, Kimwolf Admin Arrested 🚨
Keyboard Shortcuts
Navigation
Next / previous post
j
/
k
Open post
o
or
Enter
Preview post
v
Post Actions
Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Save / unsave
s
Recommendations
Add interest / feed
Enter
Not interested
x
Go to
Home
g
h
Interests
g
i
Feeds
g
f
Likes
g
l
History
g
y
Changelog
g
c
Settings
g
s
Discover
g
b
Search
/
Pagination
Next page
n
Previous page
p
General
Show this help
?
Submit feedback
!
Close modal / unfocus
Esc
Press
?
anytime to show this help
Like
Save
Not for me
Report