The Hacker News

Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks

Researchers found Cordyceps CI/CD flaws affecting 300+ repositories, enabling code execution, credential theft, and supply ...
SecurityWeek

Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking

Cordyceps, a systemic class of exploitable CI/CD vulnerabilities, allows unauthenticated attackers to hijack developer ...
Cryptopolitan on MSN

Cordyceps flaws let anyone with a free GitHub account hijack CI/CD pipelines at Microsoft, Google, and Apache

Security firm Novee has revealed Cordyceps as a class of exploitable CI/CD vulnerabilities across open-source repositories ...
Windows Report

Mozilla Warns Clean GitHub Repositories Can Trick Claude Code Into Running Malware

Mozilla researchers revealed a new attack that tricks Claude Code into running hidden commands from seemingly harmless GitHub repositories.
InfoWorld

Cloud Computing

Remember when writing code was free? AI is pushing software development into usage-billed proprietary platforms. But history repeats itself, and open foundations tend to win. Putting together a ...
GitHub

Continuous archiving for Postgres

WAL-E is obsolete. Though it has been used recently, nobody routinely reviews patches or fixes regressions that are occasionally introduced by changing libraries and Python versions. It is also not ...
GitHub

Pulumi Templates

We are currently re-evaluating what content belongs in github.com/pulumi/templates, how it should be organized, and how it should be maintained. During this ...