#cicd-credential-theft

[ follow ]
#github-actions #supply-chain-attacks #cloud-metadata-services #malware-exfiltration #npm-malware
Information security
fromThe Hacker News
5 days ago

Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows

Megalodon used forged CI workflow commits to exfiltrate CI secrets, cloud credentials, tokens, keys, and configuration data from thousands of GitHub repositories within hours.
Information security
fromSecurityWeek
1 week ago

Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack

A compromised NPM maintainer account published malicious package versions that triggered multi-stage credential theft and persistence across CI environments and developer tooling.
Information security
fromThe Hacker News
1 week ago

GitHub Actions Supply Chain Attack Redirects Tags to Steal CI/CD Credentials

Compromised GitHub Actions workflows use imposter commits to steal CI/CD credentials and exfiltrate them to attacker-controlled servers.
[ Load more ]