All news with #ci cd security tag

🧭 Cloudflare introduces Flagship, a native feature-flag service built on the CNCF standard OpenFeature that evaluates flags at the edge using Workers, Durable Objects, and KV. The Worker binding performs in-isolate evaluations with typed accessors and full evaluation details, avoiding external HTTP calls and reducing latency. Flagship centralizes flag storage, change auditing, percentage rollouts, and nested targeting rules, and is now available in private beta to help teams safely ship autonomous or AI-assisted code.

🔒 Recent weeks have seen multiple high-profile supply chain compromises, including malicious modifications to Axios and repository hijacks by TeamPCP that impacted tools such as Trivy. These incidents highlight how widely used libraries can rapidly propagate risk and complicate inventory and remediation efforts. The report emphasizes securing identity and CI/CD pipelines, maintaining accurate software inventories, prioritizing rapid patching, and reinforcing fundamentals like segmentation, robust logging, and multi-factor authentication to limit impact and lateral movement.

🔒 CERT‑EU traced the Europa.eu data theft to a supply‑chain compromise of Trivy, the open‑source vulnerability scanner, which exposed an AWS API key and led to the theft of approximately 350 GB of web data (91.7 GB compressed). The actor, publicly linked to TeamPCP, exploited a GitHub Actions misconfiguration (CVE-2026-33634) to force CI/CD pipelines to pull credential‑stealing malware via manipulated Trivy tags. Stolen material was later passed to ShinyHunters. CERT‑EU urges updating to safe Trivy releases, rotating cloud credentials, auditing CI/CD usage, and binding GitHub Actions to immutable SHA‑1 hashes.

⚠️ Unit 42 describes a multi-stage supply chain campaign by TeamPCP that compromised widely used security and developer tooling, including Trivy, KICS, LiteLLM, and the Telnyx Python SDK. The attackers injected infostealer payloads into GitHub Actions and PyPI/npm packages to harvest cloud tokens, SSH keys, Kubernetes secrets, and LLM API keys while preserving normal tool behavior. The operation leveraged decentralized ICP canisters for resilient C2 and deployed a worm/wiper named CanisterWorm, prompting urgent CI/CD and cloud identity hardening guidance.

🔒 Millions of CI/CD pipelines were exposed after the threat actor TeamPCP injected malicious code into widely used tools — Trivy, Checkmarx workflows, and LiteLLM packages — enabling credential theft and persistent backdoors. The compromised artifacts were live only briefly but likely executed broadly, exfiltrating cloud keys, SSH credentials and cryptocurrency wallets. Immediate steps include pinning dependencies to exact SHAs, rotating secrets, hunting for traffic to typosquatted domains, and restoring affected systems from verified backups.

🔒 Microsoft provides operational guidance to detect, investigate, and mitigate the March 19, 2026 supply-chain compromise that weaponized the Trivy vulnerability scanner and related GitHub Actions. The campaign, attributed to TeamPCP, used prior access to force-push tag changes and publish a trojanized Trivy binary (v0.69.4), enabling credential theft while preserving legitimate scan output. The guidance describes observable telemetry, hunting queries, and immediate remediation steps including safe versions, action pinning, and secrets protections.

⚠️ Security researchers report that TeamPCP published backdoored litellm packages (v1.82.7 and v1.82.8) to PyPI on March 24, 2026, likely leveraging a Trivy compromise in the project's CI/CD. The malicious wheels included a three-stage payload: a credential harvester, a Kubernetes lateral-movement toolkit, and a persistent systemd backdoor executed at import or interpreter startup. Vendors removed the tainted releases and urge immediate audits, isolation of affected hosts, credential rotation, and inspection of Kubernetes clusters for rogue pods and persistence.

🔒 This week’s recap highlights a major supply-chain compromise of Trivy, where attackers injected credential‑stealing malware into official releases and GitHub Actions, producing a self‑propagating worm called CanisterWorm that affected thousands of CI/CD workflows. Law enforcement dismantled several massive IoT botnets built from routers, cameras and DVRs, while high‑severity flaws — including a critical Langflow RCE and a Cisco FMC 0‑day exploited by Interlock ransomware — were weaponized within hours of disclosure.

🔍 CrowdStrike linked a spike in script-execution detections to a compromised GitHub Action, aquasecurity/trivy-action, used widely in CI/CD pipelines. An attacker force‑repointed 76 of 77 release tags to commits that prepended a ~105‑line credential stealer to the legitimate entrypoint, enabling secret harvesting on both GitHub-hosted and self‑hosted runners. Harvested data was encrypted with AES-256-CBC and a hardcoded 4096‑bit RSA key, then exfiltrated via a typosquatted domain and, as a fallback, by creating public GitHub releases under victim accounts; the malicious code then invoked the original scanner to hide its activity.

🚀 AWS Elastic Beanstalk now offers an official GitHub Action that automates deployments when you push code or configuration changes, simplifying CI/CD for web applications. The action creates applications and environments as needed, packages and uploads artifacts to S3, and manages application versions and environment settings. It supports health checks, deployment validation, configurable exclusions for package contents, intelligent retry logic, and integrates with IAM via OpenID Connect for secure, token-based authentication. The action is available in all commercial AWS Regions where Elastic Beanstalk is offered.

📞 Amazon Connect now provides APIs to configure and run tests that simulate contact center voice interactions. You can programmatically set test parameters such as caller phone number or customer profile, call intent, expected responses, and business conditions like after-hours or full queues. The APIs support parallel execution and CI/CD integration to enable automated regression testing. These capabilities help validate workflows and accelerate safe deployments of new customer experiences.

🐛 Shai‑Hulud marks a shift from passive supply‑chain tricks to an actively propagating worm that targets developer identities and CI/CD trust. Variants harvest NPM tokens, GitHub secrets and leverage stolen credentials to publish infected packages automatically, often including a dead‑man switch to erase traces. CISOs must treat pipelines and AI-assisted tooling as primary attack surfaces.

⚠️ Researchers at Aikido Security discovered that AI agents embedded in CI/CD workflows can be manipulated to execute high-privilege commands by feeding user-controlled strings (issue bodies, PR descriptions, commit messages) directly into prompts. Workflows pairing GitHub Actions or GitLab CI/CD with tools like Gemini CLI, Claude Code, OpenAI Codex or GitHub AI Inference are at risk. The attack, dubbed PromptPwnd, can cause unintended repository edits, secret disclosure, or other high-impact actions; the researchers published detection rules and a free scanner to help teams remediate unsafe workflows.

🔐 CISOs must stop being the “department of no” and enable rapid product delivery without introducing new risks. Security needs to be embedded early through close collaboration with product teams, clear business-aligned risk tolerances, and pragmatic guardrails. Assign a dedicated security partner to each product, integrate CI/CD and Infrastructure-as-Code enforcement, and automate policy checks so safe changes proceed while risky ones fail with actionable remediation.

🚀 Amazon Web Services is previewing Amazon EC2 M4 Max Mac instances, powered by the latest Mac Studio hardware to accelerate demanding Apple build and test workflows. These next-generation Mac instances target developers building for iOS, macOS, iPadOS, tvOS, watchOS, visionOS, and Safari. M4 Max offers a 16-core CPU, 40-core GPU, 16-core Neural Engine, and 128 GB unified memory, plus Nitro-based networking and EBS bandwidth to support large-scale CI/CD and testing.

🔒 Security leaders must shift from gatekeeper to partner, embedding practical risk controls early in product lifecycles so teams can deliver fast without exposing the business. By defining business-language risk tolerances, standardizing identity and logging, and automating guardrails in CI/CD and infrastructure-as-code, governance becomes an accelerator rather than a bottleneck. Pre-vetted, secure-by-default templates, runtime shielding and risk-based telemetry make the secure path easier for developers while preserving production resilience.

⚠️ A malicious npm package, @acitons/artifact, impersonated the legitimate @actions/artifact module and was uploaded on November 7 to specifically target GitHub Actions CI/CD workflows. It included a post-install hook that executed an obfuscated shell-script named "harness," which fetched a JavaScript payload (verify.js) to detect GitHub runners and exfiltrate build tokens. Using those tokens the attacker could publish artifacts and impersonate GitHub; the package accrued over 260,000 downloads across six versions before detection.

🔍 Cybersecurity researchers uncovered a malicious npm package, @acitons/artifact, that typosquats the legitimate @actions/artifact package to target GitHub-owned repositories. Veracode says versions 4.0.12–4.0.17 included a post-install hook that downloaded and executed a payload intended to exfiltrate build tokens and then publish artifacts as GitHub. The actor (npm user blakesdev) removed the offending versions and the last public npm release remains 4.0.10. Recommended actions include removing the malicious versions, auditing dependencies for typosquats, rotating exposed tokens, and hardening CI/CD supply-chain protections.

🚀 Amazon ECS now supports built-in linear and canary deployment strategies to give teams finer control over traffic shifts during container rollouts. Linear deployments shift traffic in equal percentage steps with configurable step percentage and step bake time, while canary deployments route a small portion of traffic to the new revision for a configurable canary bake time before completing the shift. Both strategies provide a post-deployment bake time, support deployment lifecycle hooks, and can use Amazon CloudWatch alarms to detect failures and trigger automated rollbacks. The feature is available in all commercial AWS Regions and is supported via Console, SDK, CLI, CloudFormation, CDK, and Terraform for services using ALB or ECS Service Connect.

🔒 Falcon Cloud Security provides end-to-end protection for AI development pipelines by embedding AI detection into CI/CD workflows, scanning container images, and surfacing AI-related packages and CVEs in real time. It extends visibility to cloud model services — including AWS SageMaker and Bedrock, Azure AI, and Google Vertex AI — revealing model provenance, dependencies, and API usage. Runtime inventory ties build-time detections to live containers so teams can prioritize fixes, govern models, and maintain delivery velocity without compromising security.