Tag

#CI/CD

5 published stories tagged with CI/CD.

high · Supply Chain Security · Jun 2, 2026 · 6 min read

Red Hat Cloud Services npm Compromise Shows How Trusted Frontend Packages Can Become A Build Pipeline Risk

Red Hat says a supply chain compromise affected multiple packages in the `@redhat-cloud-services` npm namespace after a compromised GitHub account pushed unauthorized commits.

high · Supply Chain Security · May 8, 2026 · 4 min read

Brief: Trivy supply chain attack targets CI/CD secrets

Dark Reading reported a Trivy-related supply-chain attack targeting CI/CD secrets. Pipeline secrets should be scoped, rotated, monitored, and protected from untrusted build steps.

high · Supply Chain Security · May 8, 2026 · 4 min read

Defender Guidance: Trivy supply chain attack targets CI/CD secrets

Dark Reading reported a Trivy-related supply-chain attack targeting CI/CD secrets. Pipeline secrets should be scoped, rotated, monitored, and protected from untrusted build steps.

high · Supply Chain Security · May 8, 2026 · 4 min read

Detection Notes: Trivy supply chain attack targets CI/CD secrets

Dark Reading reported a Trivy-related supply-chain attack targeting CI/CD secrets. Pipeline secrets should be scoped, rotated, monitored, and protected from untrusted build steps.

high · Supply Chain Security · May 8, 2026 · 4 min read

Risk Brief: Trivy supply chain attack targets CI/CD secrets

Dark Reading reported a Trivy-related supply-chain attack targeting CI/CD secrets. Pipeline secrets should be scoped, rotated, monitored, and protected from untrusted build steps.