How to identify unpinned and unpinnable GitHub actions across your organisation
On March 19, 2026, trivy — a widely used open source vulnerability scanner maintained by Aqua Security — experienced a second security incident. Three weeks after the hackerbot-claw incident on February 28 that resulted in a repository takeover, a new compromised release (v0.69.4) was published to the trivy repository. The original incident disclosure discussion (#10265) was also deleted during this period, and version tags on the aquasecurity/setup-trivy GitHub Action were removed. Trivy maintainers deleted the v0.69.4 tag and Homebrew downgraded to v0.69.3. The following is a factual account of what we observed through public GitHub data.
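The deleted setup-trivy tags described above are the practical case for pinning third-party actions to a full commit SHA rather than a tag or branch: a tag can be moved or removed by whoever controls the upstream repository, a commit hash cannot. The following scanner is an added example, not code from this page or from any of the projects it mentions; it walks workflow files, extracts every `uses:` reference, and classifies each as pinned to a 40-hex commit SHA, pinned to an image digest, pointing at a mutable tag or branch, or unpinned entirely (no `@ref` at all, which resolves to the default branch). The embedded workflow, including its SHA and version strings, is constructed for the demonstration and does not describe any real release.

```python
import re
from dataclasses import dataclass
from pathlib import Path
from typing import List, Optional

# Matches "uses:" lines whether or not they start a list item, with optional quoting.
USES_RE = re.compile(r'^\s*(?:-\s*)?uses:\s*["\']?([^\s"\'#]+)', re.MULTILINE)
FULL_SHA_RE = re.compile(r'^[0-9a-f]{40}$')          # a full Git commit hash
DIGEST_RE = re.compile(r'^sha256:[0-9a-f]{64}$')      # an OCI image digest

@dataclass
class UsesRef:
    raw: str
    action: str
    ref: Optional[str]
    kind: str  # 'sha' | 'docker-digest' | 'mutable' | 'unpinned' | 'local'

def classify(raw: str) -> UsesRef:
    """Decide how (or whether) a single uses: value is pinned."""
    if raw.startswith('./'):
        # Local composite action in the same repository; it moves with the commit.
        return UsesRef(raw, raw, None, 'local')
    if raw.startswith('docker://'):
        image = raw[len('docker://'):]
        if '@' in image:
            name, digest = image.rsplit('@', 1)
            kind = 'docker-digest' if DIGEST_RE.match(digest) else 'mutable'
            return UsesRef(raw, name, digest, kind)
        name, _, tag = image.partition(':')
        # An image tag (or no tag at all) can be re-pushed at any time.
        return UsesRef(raw, name, tag or None, 'mutable')
    if '@' not in raw:
        # No ref at all: GitHub resolves this to the default branch.
        return UsesRef(raw, raw, None, 'unpinned')
    action, ref = raw.rsplit('@', 1)
    # Anything that is not a full 40-hex SHA (tags, branches, short SHAs) is mutable.
    kind = 'sha' if FULL_SHA_RE.match(ref) else 'mutable'
    return UsesRef(raw, action, ref, kind)

def scan_workflow(text: str) -> List[UsesRef]:
    """Extract and classify every uses: reference in one workflow file's text."""
    return [classify(m.group(1)) for m in USES_RE.finditer(text)]

def unpinned(text: str) -> List[UsesRef]:
    """Only the references that a tag deletion or force-push could redirect."""
    return [r for r in scan_workflow(text) if r.kind in ('mutable', 'unpinned')]

def scan_repo(repo_root: str) -> List[UsesRef]:
    """Scan every workflow under a checked-out repository's .github/workflows."""
    found: List[UsesRef] = []
    for path in sorted(Path(repo_root, '.github', 'workflows').glob('*.y*ml')):
        found.extend(unpinned(path.read_text(encoding='utf-8')))
    return found

# Constructed sample workflow (hypothetical refs; the SHA below is not a real commit).
SAMPLE_WORKFLOW = """\
name: ci
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567 # v4 (constructed)
      - uses: aquasecurity/setup-trivy@v1
      - uses: aquasecurity/trivy-action@master
      - uses: ./.github/actions/local-step
      - uses: docker://alpine:3.19
      - uses: actions/setup-python
"""

if __name__ == '__main__':
    for r in unpinned(SAMPLE_WORKFLOW):
        print(f'{r.kind:9s} {r.action} (ref={r.ref})')
```

Run `scan_repo` over each repository the organisation has cloned locally and treat every `mutable` or `unpinned` hit as a finding; `mutable` is exactly the class of reference that the setup-trivy tag removals above could silently redirect. Pinning to a SHA does not help when the action itself pulls in other actions by tag, so the output is a starting list, not a guarantee.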
The Latest News from Research at Kudelski Security
The Bitwarden CLI supply chain attack explicitly hunted Claude Code, Cursor, and Codex CLI configs. The same week, DPRK confirmed slopsquatting works in the wild. Here is what happened and what to do.
The Sysdig Threat Research Team (TRT) reveals how TeamPCP’s supply chain attack spread from Trivy to Checkmarx, reusing stolen CI/CD credentials to compromise GitHub Actions and evade traditional detection.
Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in re...
Python's virtual environments mean I can have many versions of the same package scattered across my machine. I've started keeping a list of my environments so I can see exactly what's installed, and where.
Breaking down the March 2026 Trivy supply chain attack: TeamPCP compromised Trivy together with the trivy-action and setup-trivy GitHub Actions, deploying credential stealers.
Anne Robinson would like a word with .github/workflows
On March 24 and 27, 2026, malicious PyPI releases of LiteLLM and Telnyx were published as part of the TeamPCP supply chain campaign. We trace the full campaign from Trivy through npm, Checkmarx, and into PyPI.