This week's articles
The Forensic Trail On GitHub: Hunting For Supply Chain Activity
Slides from a talk that details GitHub Actions supply chain attacks and demonstrates a forensic investigation methodology using only public GitHub data. Covers user analysis, attack patterns, payload recovery, reconstruction of deleted evidence, and pivoting techniques for threat intelligence without private feeds.
#attack
#ci/cd
#supply-chain
#monitor
Incorrect Permission Assignment issue in GitLab ID token
This article details a GitLab vulnerability (CVE-2025-5819) in which merge request pipelines could obtain ID tokens whose 'sub' claim was identical to that of protected-branch pipelines, enabling potential privilege escalation through OIDC authentication.
#ci/cd
#attack