GitHub Actions is the weakest link
ATT&CK techniques detected
T1195.001 Compromise Software Dependencies and Development Tools
84%
"code ran with an npm publishing token in scope. The malicious Nx releases that followed went looking for AI coding assistant credentials on developer machines and used them to enumerate and exfiltrate private repositories, which is how a single unsanitised string in a CI workflow…"
T1195.001 Compromise Software Dependencies and Development Tools
57%
"The best available defence for GitHub Actions is a third-party linter maintained largely by one person that catches footguns GitHub put there and could remove. Trusted publishing The reason I keep worrying at this rather than any of the dozen other places a package can be compr…"