Adnan Khan's Blog
Search
All Posts
Conference Talks
About Me
Archive
2025
1
February
1
(Not So) Safe{Wallet}: GitHub Actions Risks Impacting Safe’s Frontend
February 27, 2025
· 13 min · adnanthekhan
2024
8
December
1
Cacheract: The Monster in your Build Cache
December 22, 2024
· 11 min · adnanthekhan
November
1
Release-Drafter To google/accompanist Compromise: VRP Writeup
November 12, 2024
· 6 min · adnanthekhan
July
2
BlackHat 2024 and DEF CON 32 Preview
July 30, 2024
· 4 min · adnanthekhan
RoguePuppet - A Critical Puppet Forge Supply Chain Vulnerability
July 2, 2024
· 13 min · adnanthekhan
May
1
The Monsters in Your Build Cache - GitHub Actions Cache Poisoning
May 6, 2024
· 26 min · adnanthekhan
April
1
An Obscure Actions Workflow Vulnerability in Google’s Flank
April 15, 2024
· 11 min · adnanthekhan
January
2
Web3’s Achilles’ Heel: A Supply Chain Attack on Astar Network
January 19, 2024
· 27 min · adnanthekhan
CVE-2023-49291 and More - A Potential Actions Nightmare
January 11, 2024
· 14 min · adnanthekhan
2023
2
December
2
One Supply Chain Attack to Rule Them All - Poisoning GitHub’s Runner Images
December 20, 2023
· 22 min · adnanthekhan
Welcome to my blog - there is more to come!
December 16, 2023
· 3 min · adnanthekhan