varunsharma07

Recent Submissions

1. 1. ▲ Harden Runner Detected the SHA1-Hulud Supply Chain Attack in CNCF's Backstage (stepsecurity.io) 1 point · 19 days ago · 1 comment
2. 2. ▲ Popular Nx Build System NPM Package Compromised with Data Stealing Malware (stepsecurity.io) 10 points · 3 months ago · 2 comments
3. 3. ▲ Suspicious Tag Change in AWS's GitHub Action: What Happened and Why It Matters (stepsecurity.io) 3 points · 4 months ago · 1 comment
4. 4. ▲ Num2words PyPI Package Compromised (stepsecurity.io) 22 points · 4 months ago · 6 comments
5. 5. ▲ eslint-config-prettier npm package compromised (stepsecurity.io) 74 points · 5 months ago · 11 comments
6. 6. ▲ Grafana GitHub Actions Security Incident (stepsecurity.io) 10 points · 7 months ago · 0 comments
7. 7. ▲ Tj-actions/changed-files GitHub Action Compromised – used by over 23K repos (stepsecurity.io) 273 points · 9 months ago · 298 comments
8. 8. ▲ CI/CD supply chain attack on Azure Karpenter Provider open-source project (stepsecurity.io) 3 points · 1 year ago · 2 comments
9. 9. ▲ Security Breach in Stripe Repo: A Deep Dive into the "Pwn Request" Vulnerability (stepsecurity.io) 7 points · 1 year ago · 0 comments
10. 10. ▲ An Obscure Actions Workflow Vulnerability in Google's Flank (adnanthekhan.com) 20 points · 1 year ago · 1 comment