GitHub Actions Supply Chain Attack: Tag Redirection and CI/CD Credential Exfiltration
Critical GitHub Actions supply chain attack redirects tags to imposter commits, stealing CI/CD credentials.
github-actions
Trivy GitHub Actions Under Siege: 75 Tags Hijacked in Sophisticated CI/CD Secret Theft Campaign
Trivy GitHub Actions aquasecurity/trivy-action and aquasecurity/setup-trivy breached, 75 tags hijacked to steal critical CI/CD secrets.