Outer Web | Explore

Explore >> Select a destination

You are here		adnanthekhan.com The Monsters in Your Build Cache - GitHub Actions Cache Poisoning - Adnan Khan's Blog
\|	\|	johnstawinski.com Playing with Fire - How We Executed a Critical Supply Chain Attack on PyTorch - John Stawinski IV	8.9 parsecs away Travel
\|	\|	Security tends to lag behind adoption, and AI/ML is no exception. Four months ago, Adnan Khan and I exploited a critical CI/CD vulnerability in PyTorch, one of the world's leading ML platforms. Used by titans like Google, Meta, Boeing, and Lockheed Martin, PyTorch is a major target for hackers and nation-states alike. Thankfully, we exploited...	8.9 parsecs away Travel
\|	\|	securitylab.github.com Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests \| GitHub Security Lab	10.4 parsecs away Travel
\|	\|	In this article, well discuss some common security malpractices for GitHub Actions and workflows, and how to best avoid them. Our examples are based on real-world GitHub workflow implementation vulnerabilities the GitHub Security Lab has reported to maintainers.	10.4 parsecs away Travel
\|	\|	www.evasec.io Vulnerabilities in CocoaPods Open the Door to Supply Chain Attacks Against Thousands of iOS and MacOS Applications	10.4 parsecs away Travel
\|	\|	Multiple vulnerabilities affecting the CocoaPods ecosystem, have been discovered, posing a major risk of supply chain attacks.	10.4 parsecs away Travel
\|	\|	www.preemptive.com What Is CNAPP?	61.0 parsecs away Travel
\|		CNAPP is a cloud security platform that integrates multiple tools for unified protection, automating threat detection and ensuring compliance in dynamic environments.	61.0 parsecs away Travel