< ciso
brief />
Tag Banner

All news with #ci cd security tag

49 articles · page 2 of 3

Ship Code Fast with Gemini CLI CI/CD Extension

🚀 The Gemini CLI CI/CD extension lets developers deploy functional apps directly from a terminal, closing the gap between local prototyping and production pipelines. It performs a pre-deployment secret scan, analyzes project files, and can containerize using buildpacks before deploying to Cloud Run or Cloud Storage. For production workflows it can design CI/CD pipelines, provision resources, and generate Cloud Build YAML and triggers.
read more →

Quasar Linux RAT Targets Developers' Credentials, Pipelines

🔒 Trend Micro researchers disclosed a previously undocumented Linux implant dubbed Quasar Linux RAT (QLNX) that targets developers and DevOps credentials to establish a stealthy foothold. The fileless loader masquerades as kernel threads, erases logs, and persists via seven or more mechanisms such as systemd, crontab and .bashrc injection. Its credential harvester extracts secrets from high-value files including .npmrc, .pypirc, .git-credentials, .aws/credentials, .kube/config, .docker/config.json and .env, enabling registry poisoning, cloud access or CI/CD pivoting. QLNX also installs PAM inline-hook backdoors, a userland LD_PRELOAD rootkit and an eBPF kernel component to hide artifacts while supporting 58 remote commands and data exfiltration.
read more →

Critical RCE Vulnerability Discovered in Google Gemini CLI

🔒 Researchers disclosed a max-severity remote code execution (RCE) vulnerability in @google/gemini-cli and the associated GitHub Action that could load untrusted workspace configurations in headless CI environments. Google issued patches in 0.39.1, 0.40.0-preview.3 and updated the run-gemini-cli Action to 0.1.22, removing implicit workspace trust and enforcing tool allowlists. Teams that pin CLI versions are advised to upgrade and review workspace configurations immediately.
read more →

Shai-Hulud Worm Elevates npm Supply-Chain Risk Globally

🔒 Unit 42 describes a fundamental shift in the npm threat landscape following the September 2025 Shai‑Hulud worm and subsequent 2026 incidents. Adversaries now harvest npm and GitHub tokens to persist inside CI/CD pipelines, deploy dormant multi‑stage payloads, and automatically republish backdoored packages. The report attributes a broad, coordinated campaign to TeamPCP, documents propagation via Docker Hub, GitHub Actions and VS Code extensions, and recommends mitigations such as credential rotation, egress filtering, and dependency pinning.
read more →

Trojanized Bitwarden CLI in Supply Chain Attack Uncovered

🛡️ A malicious npm release of the Bitwarden CLI (version 2026.4.0) was briefly published after attackers compromised a GitHub Action in the project's CI/CD pipeline. The trojanized package included a loader that installs bun and executes a payload designed to harvest cloud, development, and CI credentials. Bitwarden reported no evidence of user vault access and the package was removed within roughly 1.5 hours, with compromised access revoked and remediation initiated.
read more →

Amazon SageMaker Unified Studio launches CI/CD CLI

🔧 Amazon has released the aws-smus-cicd-cli, an open-source command-line tool that automates deployment of multi-service data and AI applications built in SageMaker Unified Studio. Teams define applications once in an manifest.yaml, and the CLI substitutes stage-specific settings, provisions resources in dependency order, and runs post-deployment tests. Four lifecycle commands — describe, bundle, deploy, test — integrate with existing CI/CD pipelines to reduce configuration drift and speed releases. The CLI is available at no additional cost in supported Regions; you pay only for the AWS resources provisioned during deployment.
read more →

Flagship: Cloudflare's Native Feature Flag Service

🧭 Cloudflare introduces Flagship, a native feature-flag service built on the CNCF standard OpenFeature that evaluates flags at the edge using Workers, Durable Objects, and KV. The Worker binding performs in-isolate evaluations with typed accessors and full evaluation details, avoiding external HTTP calls and reducing latency. Flagship centralizes flag storage, change auditing, percentage rollouts, and nested targeting rules, and is now available in private beta to help teams safely ship autonomous or AI-assisted code.
read more →

Protecting the Software Supply Chain: 2026 Guidance

🔒 Recent weeks have seen multiple high-profile supply chain compromises, including malicious modifications to Axios and repository hijacks by TeamPCP that impacted tools such as Trivy. These incidents highlight how widely used libraries can rapidly propagate risk and complicate inventory and remediation efforts. The report emphasizes securing identity and CI/CD pipelines, maintaining accurate software inventories, prioritizing rapid patching, and reinforcing fundamentals like segmentation, robust logging, and multi-factor authentication to limit impact and lateral movement.
read more →

CERT-EU Attributes Europa.eu Breach to Trivy Supply-Chain

🔒 CERT‑EU traced the Europa.eu data theft to a supply‑chain compromise of Trivy, the open‑source vulnerability scanner, which exposed an AWS API key and led to the theft of approximately 350 GB of web data (91.7 GB compressed). The actor, publicly linked to TeamPCP, exploited a GitHub Actions misconfiguration (CVE-2026-33634) to force CI/CD pipelines to pull credential‑stealing malware via manipulated Trivy tags. Stolen material was later passed to ShinyHunters. CERT‑EU urges updating to safe Trivy releases, rotating cloud credentials, auditing CI/CD usage, and binding GitHub Actions to immutable SHA‑1 hashes.
read more →

TeamPCP Supply Chain Attack Compromises Security Tools

⚠️ Unit 42 describes a multi-stage supply chain campaign by TeamPCP that compromised widely used security and developer tooling, including Trivy, KICS, LiteLLM, and the Telnyx Python SDK. The attackers injected infostealer payloads into GitHub Actions and PyPI/npm packages to harvest cloud tokens, SSH keys, Kubernetes secrets, and LLM API keys while preserving normal tool behavior. The operation leveraged decentralized ICP canisters for resilient C2 and deployed a worm/wiper named CanisterWorm, prompting urgent CI/CD and cloud identity hardening guidance.
read more →

Supply-chain attack via Trivy, Checkmarx and LiteLLM

🔒 Millions of CI/CD pipelines were exposed after the threat actor TeamPCP injected malicious code into widely used tools — Trivy, Checkmarx workflows, and LiteLLM packages — enabling credential theft and persistent backdoors. The compromised artifacts were live only briefly but likely executed broadly, exfiltrating cloud keys, SSH credentials and cryptocurrency wallets. Immediate steps include pinning dependencies to exact SHAs, rotating secrets, hunting for traffic to typosquatted domains, and restoring affected systems from verified backups.
read more →

Detecting and Defending Trivy Supply Chain Compromise

🔒 Microsoft provides operational guidance to detect, investigate, and mitigate the March 19, 2026 supply-chain compromise that weaponized the Trivy vulnerability scanner and related GitHub Actions. The campaign, attributed to TeamPCP, used prior access to force-push tag changes and publish a trojanized Trivy binary (v0.69.4), enabling credential theft while preserving legitimate scan output. The guidance describes observable telemetry, hunting queries, and immediate remediation steps including safe versions, action pinning, and secrets protections.
read more →

TeamPCP Backdoors LiteLLM Versions on PyPI via Trivy

⚠️ Security researchers report that TeamPCP published backdoored litellm packages (v1.82.7 and v1.82.8) to PyPI on March 24, 2026, likely leveraging a Trivy compromise in the project's CI/CD. The malicious wheels included a three-stage payload: a credential harvester, a Kubernetes lateral-movement toolkit, and a persistent systemd backdoor executed at import or interpreter startup. Vendors removed the tainted releases and urge immediate audits, isolation of affected hosts, credential rotation, and inspection of Kubernetes clusters for rogue pods and persistence.
read more →

Weekly Cyber Recap: CI/CD Backdoor and Emerging Threats

🔒 This week’s recap highlights a major supply-chain compromise of Trivy, where attackers injected credential‑stealing malware into official releases and GitHub Actions, producing a self‑propagating worm called CanisterWorm that affected thousands of CI/CD workflows. Law enforcement dismantled several massive IoT botnets built from routers, cameras and DVRs, while high‑severity flaws — including a critical Langflow RCE and a Cisco FMC 0‑day exploited by Interlock ransomware — were weaponized within hours of disclosure.
read more →

Trivy GitHub Action Compromise: Credential Stealer Incident

🔍 CrowdStrike linked a spike in script-execution detections to a compromised GitHub Action, aquasecurity/trivy-action, used widely in CI/CD pipelines. An attacker force‑repointed 76 of 77 release tags to commits that prepended a ~105‑line credential stealer to the legitimate entrypoint, enabling secret harvesting on both GitHub-hosted and self‑hosted runners. Harvested data was encrypted with AES-256-CBC and a hardcoded 4096‑bit RSA key, then exfiltrated via a typosquatted domain and, as a fallback, by creating public GitHub releases under victim accounts; the malicious code then invoked the original scanner to hide its activity.
read more →

AWS Elastic Beanstalk Adds GitHub Action for CI/CD

🚀 AWS Elastic Beanstalk now offers an official GitHub Action that automates deployments when you push code or configuration changes, simplifying CI/CD for web applications. The action creates applications and environments as needed, packages and uploads artifacts to S3, and manages application versions and environment settings. It supports health checks, deployment validation, configurable exclusions for package contents, intelligent retry logic, and integrates with IAM via OpenID Connect for secure, token-based authentication. The action is available in all commercial AWS Regions where Elastic Beanstalk is offered.
read more →

Amazon Connect APIs for Simulating Voice Contact Tests

📞 Amazon Connect now provides APIs to configure and run tests that simulate contact center voice interactions. You can programmatically set test parameters such as caller phone number or customer profile, call intent, expected responses, and business conditions like after-hours or full queues. The APIs support parallel execution and CI/CD integration to enable automated regression testing. These capabilities help validate workflows and accelerate safe deployments of new customer experiences.
read more →

Active Worms in Software Supply Chains: Shai-Hulud Threat

🐛 Shai‑Hulud marks a shift from passive supply‑chain tricks to an actively propagating worm that targets developer identities and CI/CD trust. Variants harvest NPM tokens, GitHub secrets and leverage stolen credentials to publish infected packages automatically, often including a dead‑man switch to erase traces. CISOs must treat pipelines and AI-assisted tooling as primary attack surfaces.
read more →

AI Agents in CI/CD Can Be Tricked into Privileged Actions

⚠️ Researchers at Aikido Security discovered that AI agents embedded in CI/CD workflows can be manipulated to execute high-privilege commands by feeding user-controlled strings (issue bodies, PR descriptions, commit messages) directly into prompts. Workflows pairing GitHub Actions or GitLab CI/CD with tools like Gemini CLI, Claude Code, OpenAI Codex or GitHub AI Inference are at risk. The attack, dubbed PromptPwnd, can cause unintended repository edits, secret disclosure, or other high-impact actions; the researchers published detection rules and a free scanner to help teams remediate unsafe workflows.
read more →

The CISO Paradox: Enabling Innovation, Managing Risk

🔐 CISOs must stop being the “department of no” and enable rapid product delivery without introducing new risks. Security needs to be embedded early through close collaboration with product teams, clear business-aligned risk tolerances, and pragmatic guardrails. Assign a dedicated security partner to each product, integrate CI/CD and Infrastructure-as-Code enforcement, and automate policy checks so safe changes proceed while risky ones fail with actionable remediation.
read more →