CSO Online

Bitwarden CLI password manager trojanized in supply chain attack

Attackers published a malicious command-line version of the popular open-source password manager to the npm registry and may ...
BeInCrypto

Bitwarden CLI Supply Chain Attack Puts Crypto Wallet Keys at Risk

Bitwarden CLI 2026.4.0 was compromised in a supply chain attack that targets crypto wallet keys, SSH keys, and CI/CD secrets.
Computer Weekly

Boost cooks up SmokedMeat, open source framework for CI/CD pipelines protection

Boost Security has announced SmokedMeat, an open source red team framework for CI/CD pipelines that shows how attackers ...

Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it

A prompt injection attack hit Claude Code, Gemini CLI, and Copilot simultaneously. Here's what all three system cards reveal ...
TechCrunch

Anthropic took down thousands of GitHub repos trying to yank its leaked source code — a move the company says was an accident

Anthropic accidentally caused thousands of code repositories on GitHub to be taken down while trying to pull copies of its most popular product’s source code off the internet. On Tuesday, a software ...
The Hacker News

TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials

Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor known as TeamPCP, the cloud-native cybercriminal operation also behind the ...
Dark Reading

Trivy Supply Chain Attack Targets CI/CD Secrets

A threat actor is systematically targeting cloud credentials, SSH keys, authentication tokens, and other sensitive secrets stored in automated enterprise software build and deployment pipelines after ...
The Hacker News

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy, a popular open-source vulnerability scanner maintained by Aqua Security, was compromised a second time within the span of a month to deliver malware capable of stealing sensitive CI/CD secrets.
Developer Tech

BMC: Integrating mainframe systems into modern CI/CD pipelines

Insights from Dr Elizabeth Maxwell, Global Director of Mainframe Modernisation at BMC and Dr Xavier Eraso, Mainframe DevOps Expert at BMC Integrating mainframe systems into modern CI/CD pipelines ...
Scientific Research Publishing

Best Practices of CI/CD Adoption in Java Cloud Environments: A Review ()

1 Department of Computer Science, University of Bridgeport, Bridgeport, USA. 2 Department of Computer Science, University of Illinois at Springfield, Springfield, USA. 3 Department of Computer ...
Scientific Research Publishing

Koppanati, P.K. (2019) Building Custom CI/CD Pipelines for Java Applications in GitLab. Journal of Scientific and Engineering Research, 6, 233-238.

ABSTRACT: The continuous integration (CI) and continuous delivery/deployment (CD) methods are key tools in the field of modern software development, and they assist in the rapid, reliable and quality ...
winbuzzer.com

GitHub Agentic Workflows Enter Technical Preview for CI/CD AI

GitHub has launched Agentic Workflows into technical preview, letting AI agents handle repository tasks automatically inside GitHub Actions under a framework the company calls continuous AI. Developed ...