Archives

All 16 posts, organized by year.

2026 (3 posts)

Mar 3 Turning Almost Nothing into a Supply Chain Compromise of Angular with GitHub Actions Cache Poisoning

#cache-poisoning #githubactions #bugbounty
Feb 9 Clinejection — Compromising Cline's Production Releases just by Prompting an Issue Triager

#cicd #githubactions #cache-poisoning #ai
Jan 7 Copilot or Coconspirator - Tricking GitHub Copilot and Stealing all Your Secrets

#cicd #ai #github #bugbounty

2025 (3 posts)

Jul 21 Who's SHA is it Anyway: Bypassing Google Cloud Build Comment Control for $30,000

#cicd #bugbounty
May 2 Watch your Dispatch: Race Condition in Dependabot Core CI

#bugbounty #cicd #github
Feb 27 (Not So) Safe{Wallet}: GitHub Actions Risks Impacting Safe''s Frontend

#cicd #githubactions #security #supplychain #github #web3

2024 (8 posts)

2023 (2 posts)