#GitHub
Red Hat npm compromise proves provenance alone is not enough
Red Hat npm compromise proves provenance alone is not enough Red Hat has confirmed that multiple packages published under the @redhat-cloud-services npm namespa...
Lucas Oliveira
Research
GitHub breach forces GHES signing-key rotation
GitHub breach forces GHES signing-key rotation | 2026 GitHub's May 2026 incident is a useful reminder that developer tooling is now part of the production trust...
Lucas Oliveira
Research
One-Click github.dev Attack Lets Malicious Repos Steal Full GitHub Tokens
One-Click github.dev Attack Lets Malicious Repos Steal Full GitHub Tokens | 2026 Executive Summary Security researcher Ammar Askar disclosed a one-click attack...
Lucas Oliveira
Research
GitHub GHES Signing Key Rotation Puts Admins on the Clock
GitHub GHES Signing Key Rotation Puts Admins on the Clock Executive Summary GitHub warned on May 26, 2026 that administrators running GitHub Enterprise Server (...
Lucas Oliveira
Research
GitHub Action tag hijack turns CI/CD runs into credential theft
GitHub Action tag hijack turns CI/CD runs into credential theft A fresh GitHub Actions supply chain incident is a good reminder that "pinned" does not mean safe...
Lucas Oliveira
Research
Trivy GitHub Action compromise exposed CI/CD secrets in a stealth supply-chain attack
Trivy GitHub Action compromise exposed CI/CD secrets in a stealth supply-chain attack A supply-chain compromise in Aqua Security’s aquasecurity/trivy-action sho...
Lucas Oliveira
Research
GlassWorm Shifts to Transitive Open VSX Dependencies in Developer Supply-Chain Push
GlassWorm Shifts to Transitive Open VSX Dependencies in Developer Supply-Chain Push GlassWorm is no longer just a story about obviously malicious extensions. Th...
Lucas Oliveira
Research
FakeGit: GitHub malware campaign hits 600+ repos
FakeGit: GitHub malware campaign hits 600+ repos | 2026 Executive Summary A Vietnamese-speaking threat actor has been distributing FakeGit, a GitHub-based malwa...
Lucas Oliveira
Research