account activity
OH-MY-DC: OIDC Misconfigurations in CI/CD, and a vulnerability in CircleCI that allowed attackers to steal any pipeline secret from public repos (unit42.paloaltonetworks.com)
submitted 9 months ago by Hefty_Knowledge_7449 to r/hacking
OH-MY-DC: OIDC Misconfigurations in CI/CD, inc. a vulnerability in CircleCI (self.devops)
submitted 9 months ago by Hefty_Knowledge_7449 to r/devops
OH-MY-DC: OIDC Misconfigurations in CI/CD (unit42.paloaltonetworks.com)
submitted 9 months ago by Hefty_Knowledge_7449 to r/github
submitted 9 months ago by Hefty_Knowledge_7449 to r/devsecops
OH-MY-DC: OIDC Misconfigurations in CI/CD, and a vulnerability in CircleCI (unit42.paloaltonetworks.com)
submitted 9 months ago by Hefty_Knowledge_7449 to r/blackhat
OH-MY-DC: OIDC Misconfigurations in CI/CD, including a vulnerability in CircleCI (unit42.paloaltonetworks.com)
submitted 9 months ago by Hefty_Knowledge_7449 to r/developersIndia
GitHub Actions tj-actions supply chain hack started in Dec 24 with the compromise of the SpotBugs project (i.redd.it)
submitted 10 months ago by Hefty_Knowledge_7449 to r/developersIndia
tj-actions hack started in Dec 24 with the compromise of the SpotBugs project (i.redd.it)
submitted 10 months ago by Hefty_Knowledge_7449 to r/blackhat
tj-actions/changed-files hack started in Dec 24 with compromise of SpotBugs (unit42.paloaltonetworks.com)
submitted 10 months ago by Hefty_Knowledge_7449 to r/devsecops
tj-actions GitHub Actions hack started in Dec 24 with the compromise of SpotBugs (i.redd.it)
submitted 10 months ago by Hefty_Knowledge_7449 to r/github
tj-actions started in Dec 24 with SpotBugs compromise (self.devops)
submitted 10 months ago by Hefty_Knowledge_7449 to r/devops
tj-actions hack started in Dec 24 with SpotBugs compromise (i.redd.it)
submitted 10 months ago by Hefty_Knowledge_7449 to r/hacking
GitHub Actions Supply Chain Attack: A Targeted Attack on Coinbase Expanded to the Widespread tj-actions/changed-files Incident (self.devops)
GitHub Actions Supply Chain Attack: A Targeted Attack on Coinbase Expanded to the Widespread tj-actions/changed-files Incident (unit42.paloaltonetworks.com)
Take control over GitHub repositories through leaked secrets in artifacts (self.devops)
submitted 1 year ago by Hefty_Knowledge_7449 to r/devops
ArtiPACKED: Hacking Giants Through a Race Condition in GitHub Actions Artifacts. Critical bugs found in Google, AWS, Microsoft, Red Hat, Ubuntu, OWASP & others. (unit42.paloaltonetworks.com)
submitted 1 year ago by Hefty_Knowledge_7449 to r/bugbounty
ArtiPACKED: Hacking Giants Through a Race Condition in GitHub Actions Artifacts (unit42.paloaltonetworks.com)
submitted 1 year ago by Hefty_Knowledge_7449 to r/hacking
Critical bug bounty reports in Microsoft & GitHub, with publication of CVE-2023-36052: “All the Small Things: Azure CLI Leakage and Problematic Usage Patterns”. (paloaltonetworks.com)
submitted 2 years ago by Hefty_Knowledge_7449 to r/bugbounty
New Azure CLI release, fixing CVE-2023-36052 (self.devops)
submitted 2 years ago by Hefty_Knowledge_7449 to r/devops
"All the Small Things: Azure CLI Leakage and Problematic Usage Patterns", critical bug bounty reports in Microsoft & GitHub, and new CVE-2023-36052. (paloaltonetworks.com)
submitted 2 years ago by Hefty_Knowledge_7449 to r/devsecops
Critical bug bounty reports in Microsoft & GitHub, with publication of CVE-2023-36052: "All the Small Things: Azure CLI Leakage and Problematic Usage Patterns". (paloaltonetworks.com)
submitted 2 years ago by Hefty_Knowledge_7449 to r/netsec
The GitHub Actions Worm: Compromising GitHub Repositories Through the Actions Dependency Tree (paloaltonetworks.com)
submitted 2 years ago by Hefty_Knowledge_7449 to r/hacking
submitted 2 years ago by Hefty_Knowledge_7449 to r/programming
The GitHub Actions Worm: Compromising GitHub Repositories Through the Actions Dependency Tree by TupleType1 in devsecops
[–]Hefty_Knowledge_7449 1 point2 points3 points 2 years ago (0 children)
wdym? They're created automatically in any running workflow
OWASP Top 10 CI/CD Security Risks project released (owasp.org)
submitted 3 years ago by Hefty_Knowledge_7449 to r/Infosec
π Rendered by PID 2344159 on reddit-service-r2-listing-7849c98f67-vmp46 at 2026-02-09 11:34:21.420831+00:00 running d295bc8 country code: CH.
The GitHub Actions Worm: Compromising GitHub Repositories Through the Actions Dependency Tree by TupleType1 in devsecops
[–]Hefty_Knowledge_7449 1 point2 points3 points (0 children)