varunsharma07

Recent Submissions

1. 1. ▲ Hundreds of GitHub Python Repos Compromised via Account Takeover and Force-Push (stepsecurity.io) 5 points · 22 days ago · 1 comment
2. 2. ▲ Show HN: Scan your dev machine for AI agents, MCP servers, and IDE extensions (github.com) 9 points · 24 days ago · 0 comments
3. 3. ▲ Xygeni/xygeni-action GitHub Action is compromised – poisoned tag is still live (stepsecurity.io) 2 points · 26 days ago · 0 comments
4. 4. ▲ Hackerbot-Claw: AI Bot Exploiting GitHub Actions – Microsoft, Datadog Hit So Far (stepsecurity.io) 27 points · 1 month ago · 4 comments
5. 5. ▲ GitHub Actions is left vulnerable to supply chain attacks: Datadog Report (datadoghq.com) 4 points · 1 month ago · 0 comments
6. 6. ▲ Cline Supply Chain Attack: Cline 2.3.0 Silently Installs OpenClaw (stepsecurity.io) 12 points · 1 month ago · 1 comment
7. 7. ▲ Harden Runner Detected the SHA1-Hulud Supply Chain Attack in CNCF's Backstage (stepsecurity.io) 1 point · 4 months ago · 1 comment
8. 8. ▲ Popular Nx Build System NPM Package Compromised with Data Stealing Malware (stepsecurity.io) 10 points · 7 months ago · 2 comments
9. 9. ▲ Suspicious Tag Change in AWS's GitHub Action: What Happened and Why It Matters (stepsecurity.io) 3 points · 7 months ago · 1 comment
10. 10. ▲ Num2words PyPI Package Compromised (stepsecurity.io) 22 points · 8 months ago · 6 comments