ci-cd-security

Blog All categories All authors All tags
Preview image for a blog post

Trivy GitHub Actions Under Siege: 75 Tags Hijacked in Sophisticated CI/CD Secret Theft Campaign

Trivy GitHub Actions aquasecurity/trivy-action and aquasecurity/setup-trivy breached, 75 tags hijacked to steal critical CI/CD secrets.
Preview image for a blog post

Critical Exposure: 278-Day Dependency Lag and Unprotected Pipelines Fueling Cloud-Native Security Debt

Cloud-native security debt surges as 87% of orgs run exploitable vulnerabilities due to outdated dependencies and unsecured pipelines.