Laravel-Lang Supply Chain Attack: Every Tag Across Multiple Composer Packages Rewritten to Steal CI Secrets
1+ day, 23+ hour ago (532+ words) We confirmed end to end exploitation by detonating laravel-lang/http-statuses v3.4.5 in an isolated GitHub Actions runner protected by Harden-Runner in audit mode. The other three packages share identical commit structure but have not been detonated yet. We expect they…
Megalodon: Mass GitHub Actions Secret Exfiltration Across 5,500+ Public Repositories
2+ day, 9+ hour ago (468+ words) Branch protection rules are the primary gate preventing unauthorized workflow injection. Repositories without mandatory pull request reviews allow any account with write access, or any accepted PR from a public fork with weak merge controls, to land workflow changes directly…
Microsoft's durabletask PyPI Package Compromised in Supply Chain Attack
1+ week, 1+ day ago (910+ words) The secondary C2 domain t.m-kosche[.]com directly ties this attack to Team PCP's Mini Shai-Hulud campaign, the same threat group behind the recent TanStack, Mistral AI, LiteLLM, and @antv compromises. The durabletask package marks yet another victim in what…
actions-cool/issues-helper GitHub Action Compromised: All Tags Point to Imposter Commit That Exfiltrates CI/CD Credentials
6+ day, 6+ hour ago (353+ words) The popular GitHub Action actions-cool/issues-helper has been compromised. Every existing tag in the repository has been moved to point to an imposter commit that does not appear in the action's normal commit history. That commit contains malicious code…
Shai-Hulud: Here We Go Again. Mass npm Supply Chain Attack Hits the AntV Ecosystem
5+ day, 18+ hour ago (1578+ words) If you installed any affected package, assume all secrets accessible in that environment are compromised. Rotate all credentials immediately. This list is growing as the attack continues to spread. We installed echarts-for-react@3.0.7 in a GitHub Actions workflow protected by…
Nx Console VS Code Extension Compromised
6+ day, 5+ hour ago (1195+ words) One capability that stands out: the payload contains full Sigstore integration, including Fulcio certificate issuance and SLSA provenance generation. Combined with stolen npm OIDC tokens, this means the attacker could publish downstream npm packages with valid, cryptographically signed provenance attestations,…
Active Supply Chain Attack: Malicious node-ipc Versions Published to npm
1+ week, 3+ day ago (1029+ words) The attack is surgically precise. Publishing across two major version lines at once is a deliberate blast-radius maximization strategy: users pinned to ~9.1.x, ~9.2.x, ^9, ^12, or ~12.0 all received the compromised package automatically on their next install or lockfile refresh. The 9.x…
Team PCP's Mini Shai-Hulud Is Back: A Self-Spreading Supply Chain Attack Compromises TanStack npm Packages
2+ week, 18+ hour ago (1511+ words) The Team PCP threat group has launched a new wave of their Mini Shai-Hulud worm, actively compromising legitimate npm packages. We have notified the maintainers for the compromised packages. This incident was detected by StepSecurity AI Package Analyst. If you…
lightning: Obfuscated JavaScript Credential Stealer Bundled in PyPI Wheel
3+ week, 3+ day ago (218+ words) We analyzed both wheels. The last clean release is 2.6.1, published January 30, 2026. Full payload analysis is ongoing and this post will be updated as additional details become available. Both compromised wheels bundle a hidden _runtime/ directory containing two files: The attack fires…
A Mini Shai-Hulud Has Appeared: Obfuscated Bun Runtime Payloads Hit SAP-Related npm Packages
3+ week, 4+ day ago (1691+ words) StepSecurity's OSS AI Package Analyst and Harden-Runner detected this compromise within minutes of the first malicious publish. We responsibly disclosed[1][2] the breach by creating GitHub issues on the affected repositories and directly notifying SAP's security team. This is the…