Posts by Tag: ci
All of the articles we have posted and linked so far under the tag: ci
New 22 May 2026
Megalodon: 5,561 Repos Swallowed in Six Hours
TLDR and details on the Megalodon supply chain attack mass-backdooring GitHub repositories via malicious CI/CD workflow commits.
20 May 2026
Composer: Tokens Spilled on the CI Stage
TLDR and affected version summary for CVE-2026-45793, a Composer vulnerability that may expose GitHub authentication tokens in CI logs.
11 May 2026
Mini Shai-Hulud: The Package That Crawled Through CI
TLDR and affected package summary for the Mini Shai-Hulud npm and PyPI supply-chain campaign.