- A First Look at Harden-Runner: The Must-Have GitHub Action To Prevent Supply Chain Attacks https://betterprogramming.pub/a-first-look-at-harden-runner-the-must-have-github-action-to-prevent-supply-chain-attacks-d7707bbc106e?sk=db3c14979b5d8245822e6b6450d3e689 2 comments programming
Linked pages
- Google https://www.google.com/ 17455 comments
- Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies | by Alex Birsan | Medium https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610 661 comments
- Popular npm Project Used by Millions Hijacked in Supply-Chain Attack https://blog.sonatype.com/npm-project-used-by-millions-hijacked-in-supply-chain-attack 6 comments
- GitHub - step-security/harden-runner: Protect your CI/CD pipeline from SolarWinds and Codecov-Type Attacks with the Harden-Runner Security Agent https://github.com/step-security/harden-runner 5 comments
- Popular Codecov code coverage tool hacked to steal dev credentials https://www.bleepingcomputer.com/news/security/popular-codecov-code-coverage-tool-hacked-to-steal-dev-credentials/ 2 comments