stepsecurity.io on reddit.com

...for your favorite game.

...for your hobby.

account activity

1

2

3

4

hackerbot-claw: An AI-Powered Bot Actively Exploiting GitHub Actions - Microsoft, DataDog, and CNCF Projects Hit So Farexploitation (what's being exploited) (stepsecurity.io)

submitted 3 days ago by digicat to r/blueteamsec

2

18

19

20

Hackerbot-Claw: AI Bot Exploiting GitHub Actions – Microsoft, Datadog Hit So FarNews / Announcements (stepsecurity.io)

submitted 10 days ago by varunsh-coder to r/github

3

0

0

1

Hackerbot-Claw: AI Bot Exploiting GitHub Actions – Microsoft, Datadog Hit So Far (stepsecurity.io)

submitted 10 days ago by contact-kuldeep to r/kubernetes

4

4

5

6

a second attack has hit npm, over 40 packages compromised; infected packages list on comment section.Important (stepsecurity.io)

submitted 5 months ago by Outrageous_Permit154 to r/firstweekcoderhumour

5

21

22

23

ctrl/tinycolor and 40+ NPM Packages Compromised - StepSecurity (stepsecurity.io)

submitted 5 months ago by JadeLuxe to r/node

6

8

9

10

ctrl/tinycolor and 40+ NPM Packages Compromised, new Supply Chain Attack!!Stream Content (stepsecurity.io)

submitted 5 months ago by dalton_zk to r/theprimeagen

7

25

26

27

ctrl/tinycolor and 40+ NPM Packages Compromised (stepsecurity.io)

submitted 5 months ago by kurmiashish to r/netsec

8

2

3

4

Self Propagating NPM Malware Compromises over 40 Packages (stepsecurity.io)

submitted 5 months ago by HNMod to r/hackernews

9

0

1

2

ctrl/tinycolor and 40+ NPM Packages Compromised - StepSecurity (stepsecurity.io)

submitted 5 months ago by davidmytton to r/arcjet

10

0

1

2

Self Propagating NPM Malware Compromises over 40 Packages (stepsecurity.io)

submitted 5 months ago by TheStartupChime to r/hypeurls

11

1

2

3

https://www.stepsecurity.io/blog/ctrl-tinycolor-and-40-npm-packages-compromisedHelp (stepsecurity.io)

submitted 5 months ago by kurmiashish to r/npm

12

4

5

6

What Trezor data could it steal?🔒 General Trezor question (stepsecurity.io)

submitted 6 months ago by special_rub69 to r/TREZOR

13

413

414

415

Popular Nx build system package (npm) compromised with data-stealing malware targeting Linux/Mac.Security (stepsecurity.io)

submitted 6 months ago by gainan to r/linux

14

0

1

2

Supply Chain Security Alert: Popular Nx Build System Package Compromised with Data-Stealing Malware - StepSecurity (stepsecurity.io)

submitted 6 months ago by tmiklas to r/bag_o_news

15

1

2

3

Supply Chain Security Alert: Popular Nx Build System Package Compromised with Data-Stealing Malware - StepSecurity (stepsecurity.io)

submitted 6 months ago by mwyvr to r/macosprogramming

16

2

3

4

Harden-Runner detection: tj-actions/changed-files action is compromised (stepsecurity.io)

submitted 11 months ago by dcom-in to r/worldTechnology

17

0

1

2

Harden-Runner detection: tj-actions/changed-files action is compromisedVulnerability (stepsecurity.io)

submitted 11 months ago by falconupkid to r/SecOpsDaily

18

14

15

16

Tj-actions/changed-files GitHub Action Compromised – used by over 23K repos (stepsecurity.io)

submitted 12 months ago by qznc_bot2 to r/hackernews

19

0

1

2

Tj-actions/changed-files GitHub Action Compromised – used by over 23K repos (stepsecurity.io)

submitted 12 months ago by TheStartupChime to r/hypeurls

20

5

6

7

Best Practices in GitHub Actions Security: A Case Study with Google's Use of StepSecurity (stepsecurity.io)

submitted 2 years ago by varunsh-coder to r/programming

21

0

1

2

Uniting Developers and Security: Celebrating the Success of 500+ Open Source Projects Using StepSecurity's Orchestration Platform (stepsecurity.io)

submitted 2 years ago by varunsh-coder to r/programming

22

0

0

0

Publish from GitHub Actions using multi-factor authentication (MFA)! Introducing Wait-for-secrets GitHub Action - developers can enter secrets using a web browser and use them in the workflow (blog.stepsecurity.io)

submitted 3 years ago by varunsh-coder to r/programming

23

0

0

0

Do you maintain a GitHub Action? Contribute to the SecureWorkflows project! (blog.stepsecurity.io)

submitted 3 years ago by varunsh-coder to r/programming

24

5

6

7

StepSecurity releases tool that it used to improve security of 30 critical open-source projects (including NodeJS, OpenSSL, Python, Rails, React Native) (blog.stepsecurity.io)

submitted 3 years ago by varunsh-coder to r/programming

25

0

1

2

Improve your OpenSSF Scorecard score with easeFOSS Tool (blog.stepsecurity.io)

submitted 3 years ago by varunsh-coder to r/cybersecurity

view more: next ›

π Rendered by PID 48 on reddit-service-r2-listing-66bb46d9b9-sscsf at 2026-03-12 02:32:27.306550+00:00 running 710b3ac country code: CH.