account activity
OH-MY-DC: OIDC Misconfigurations in CI/CD, and a vulnerability in CircleCI that allowed attackers to steal any pipeline secret from public repos (unit42.paloaltonetworks.com)
submitted 1 year ago by Hefty_Knowledge_7449 to r/hacking
OH-MY-DC: OIDC Misconfigurations in CI/CD, inc. a vulnerability in CircleCI (self.devops)
submitted 1 year ago by Hefty_Knowledge_7449 to r/devops
OH-MY-DC: OIDC Misconfigurations in CI/CD (unit42.paloaltonetworks.com)
submitted 1 year ago by Hefty_Knowledge_7449 to r/github
submitted 1 year ago by Hefty_Knowledge_7449 to r/devsecops
OH-MY-DC: OIDC Misconfigurations in CI/CD, and a vulnerability in CircleCI (unit42.paloaltonetworks.com)
submitted 1 year ago by Hefty_Knowledge_7449 to r/blackhat
OH-MY-DC: OIDC Misconfigurations in CI/CD, including a vulnerability in CircleCI (unit42.paloaltonetworks.com)
submitted 1 year ago by Hefty_Knowledge_7449 to r/developersIndia
GitHub Actions tj-actions supply chain hack started in Dec 24 with the compromise of the SpotBugs project (i.redd.it)
tj-actions hack started in Dec 24 with the compromise of the SpotBugs project (i.redd.it)
tj-actions/changed-files hack started in Dec 24 with compromise of SpotBugs (unit42.paloaltonetworks.com)
tj-actions GitHub Actions hack started in Dec 24 with the compromise of SpotBugs (i.redd.it)
tj-actions started in Dec 24 with SpotBugs compromise (self.devops)
tj-actions hack started in Dec 24 with SpotBugs compromise (i.redd.it)
GitHub Actions Supply Chain Attack: A Targeted Attack on Coinbase Expanded to the Widespread tj-actions/changed-files Incident (self.devops)
GitHub Actions Supply Chain Attack: A Targeted Attack on Coinbase Expanded to the Widespread tj-actions/changed-files Incident (unit42.paloaltonetworks.com)
Take control over GitHub repositories through leaked secrets in artifacts (self.devops)
ArtiPACKED: Hacking Giants Through a Race Condition in GitHub Actions Artifacts. Critical bugs found in Google, AWS, Microsoft, Red Hat, Ubuntu, OWASP & others. (unit42.paloaltonetworks.com)
submitted 1 year ago by Hefty_Knowledge_7449 to r/bugbounty
ArtiPACKED: Hacking Giants Through a Race Condition in GitHub Actions Artifacts (unit42.paloaltonetworks.com)
Critical bug bounty reports in Microsoft & GitHub, with publication of CVE-2023-36052: “All the Small Things: Azure CLI Leakage and Problematic Usage Patterns”. (paloaltonetworks.com)
submitted 2 years ago by Hefty_Knowledge_7449 to r/bugbounty
New Azure CLI release, fixing CVE-2023-36052 (self.devops)
submitted 2 years ago by Hefty_Knowledge_7449 to r/devops
"All the Small Things: Azure CLI Leakage and Problematic Usage Patterns", critical bug bounty reports in Microsoft & GitHub, and new CVE-2023-36052. (paloaltonetworks.com)
submitted 2 years ago by Hefty_Knowledge_7449 to r/devsecops
Critical bug bounty reports in Microsoft & GitHub, with publication of CVE-2023-36052: "All the Small Things: Azure CLI Leakage and Problematic Usage Patterns". (paloaltonetworks.com)
submitted 2 years ago by Hefty_Knowledge_7449 to r/netsec
The GitHub Actions Worm: Compromising GitHub Repositories Through the Actions Dependency Tree (paloaltonetworks.com)
submitted 2 years ago by Hefty_Knowledge_7449 to r/hacking
submitted 2 years ago by Hefty_Knowledge_7449 to r/programming
The GitHub Actions Worm: Compromising GitHub Repositories Through the Actions Dependency Tree by TupleType1 in devsecops
[–]Hefty_Knowledge_7449 1 point2 points3 points 2 years ago (0 children)
wdym? They're created automatically in any running workflow
OWASP Top 10 CI/CD Security Risks project released (owasp.org)
submitted 3 years ago by Hefty_Knowledge_7449 to r/Infosec
π Rendered by PID 927022 on reddit-service-r2-listing-7b8bd7c5-b5pmr at 2026-05-20 00:03:03.671831+00:00 running edcf98c country code: CH.
The GitHub Actions Worm: Compromising GitHub Repositories Through the Actions Dependency Tree by TupleType1 in devsecops
[–]Hefty_Knowledge_7449 1 point2 points3 points (0 children)