The Hacker News
@thehackernews
�� Shai-Hulud 2.0 ran code before security scans, quietly breaking CI/CD at the source.
As Jonny Rivera from ActiveState explains, it stole cloud credentials and turned GitHub runners into attacker-controlled botnets—long before detection kicked in.
Fix: control what enters the pipeline.
�� How curated catalogs stop pre-install attacks → https://thehackernews.com/expert-insights/2026/03/the-curated-catalog-biggest-defense.html
As Jonny Rivera from ActiveState explains, it stole cloud credentials and turned GitHub runners into attacker-controlled botnets—long before detection kicked in.
Fix: control what enters the pipeline.
�� How curated catalogs stop pre-install attacks → https://thehackernews.com/expert-insights/2026/03/the-curated-catalog-biggest-defense.html
👍 6
🔥 3
22 8.2K
Обсуждение 0
Обсуждение не доступно в веб-версии. Чтобы написать комментарий, перейдите в приложение Telegram.
Обсудить в Telegram