3Actions-cool/issues-helper GitHub Action Compromised (opens in new tab)(github.com)3varunsharma077d ago0
5Postmortem: TanStack NPM supply-chain compromise (opens in new tab)(tanstack.com)1097varunsharma0714d ago465
6Hundreds of GitHub Python Repos Compromised via Account Takeover and Force-Push (opens in new tab)(stepsecurity.io)5varunsharma072mo ago1
7Show HN: Scan your dev machine for AI agents, MCP servers, and IDE extensions (opens in new tab)(github.com)9varunsharma072mo ago0
8Xygeni/xygeni-action GitHub Action is compromised – poisoned tag is still live (opens in new tab)(stepsecurity.io)2varunsharma072mo ago0
9Hackerbot-Claw: AI Bot Exploiting GitHub Actions – Microsoft, Datadog Hit So Far (opens in new tab)(stepsecurity.io)27varunsharma072mo ago4
10GitHub Actions is left vulnerable to supply chain attacks: Datadog Report (opens in new tab)(datadoghq.com)4varunsharma072mo ago0
11Cline Supply Chain Attack: Cline 2.3.0 Silently Installs OpenClaw (opens in new tab)(stepsecurity.io)12varunsharma073mo ago1
12Harden Runner Detected the SHA1-Hulud Supply Chain Attack in CNCF's Backstage (opens in new tab)(stepsecurity.io)1varunsharma075mo ago1
13Popular Nx Build System NPM Package Compromised with Data Stealing Malware (opens in new tab)(stepsecurity.io)10varunsharma079mo ago2
14Suspicious Tag Change in AWS's GitHub Action: What Happened and Why It Matters (opens in new tab)(stepsecurity.io)3varunsharma079mo ago1
