
Detecting CI/CD Supply Chain Attacks with Canary Credentials | Tracebit

tracebit.com

A single threat actor - TeamPCP - compromised a chain of widely-used open source tools: Trivy, KICS, LiteLLM, and Telnyx. This post looks at the campaign and explores the question: once you've pinned your actions and hardened your runners, what actually detects credential exfiltration from a compromised CI/CD pipeline?
