Advertisement
HIGH
Supply Chain
CI/CD Pipeline Backdoors: Analyzing Recent Supply Chain Attacks
Exploration of supply chain risks in CI/CD pipelines, IoT device exploitation trends, and the security implications of government data acquisition.
Runtime Rebel Intel
3 min read·Mar 23, 2026
SU
HIGH
Supply Chain
Trivy Supply Chain Attack: TeamPCP Pushes Infostealer via GitHub
Threat actor TeamPCP compromised the Trivy-action repository to distribute infostealer malware through GitHub Actions, targeting CI/CD pipelines and secrets.
Runtime Rebel Intel
3 min read·Mar 21, 2026
HIGH
Supply Chain
SANDWORM_MODE: Malicious npm Cluster Automates Secret Harvesting and Crypto Theft
Security researchers have identified a coordinated campaign involving 19 malicious npm packages designed to exfiltrate CI/CD secrets, API tokens, and private cryptocurrency keys.
Runtime Rebel Intel
2 min read·Feb 23, 2026