Posts tagged with: supply chain
-
Critical Container Registry Security Flaw: How Multi-Architecture Manifests Create Attack Vectors
A deep dive into the new ContainerHijack attack vector that allows attackers to poison container registries and bypass image scanning. Learn how it works and how to apply immediate policy-based mitigations.
-
BREAKING: Massive CI/CD Pipeline Injection Attack Compromises 10,000+ Repositories
A sophisticated supply chain attack targeting CI/CD pipelines has compromised over 10,000 GitHub repositories. The attack, dubbed 'PipelinePhantom,' exploits a previously unknown vulnerability in how GitHub Actions handles workflow file parsing.