Step Security Blog

https://www.stepsecurity.io

Detect, prevent, and respond to software supply chain attacks. End-to-end protection for AI agents, developer machines, npm packages, and CI/CD pipelines.

Feed

10 Layers Deep: How StepSecurity Stops TeamPCP's Trivy Supply Chain Attack on GitHub Actions
Step Security Blog
TeamPCP weaponized 76 Trivy version tags overnight. The KICS attack followed the same playbook days later. One security control is not enough. Here is how the StepSecurity platform's ten independent security layers work together to prevent credential exfiltration, detect compromised actions at runtime, and respond to incidents across your entire organization before attackers can succeed.
3 days ago
axios Compromised on npm - Malicious Versions Drop Remote Access Trojan
Step Security Blog
Hijacked maintainer account used to publish poisoned axios releases including 1.14.1 and 0.30.4. The attacker injected a hidden dependency that drops a cross platform RAT. We are actively investigating and will update this post with a full technical analysis.
4 days ago
Malicious IoliteLabs VSCode Extensions Target Solidity Developers on Windows, macOS, and Linux with Backdoor
Step Security Blog
A supply chain attack targeting Solidity and Web3 developers has been discovered across three IoliteLabs VSCode extensions (solidity-macos, solidity-windows, and solidity-linux) embedding obfuscated backdoors that download remote payloads and establish persistence on all major platforms. StepSecurity is actively investigating this incident and will publish a full technical analysis with IOCs and remediation guidance shortly.
4 days ago
TeamPCP Plants WAV Steganography Credential Stealer in telnyx PyPI Package
Step Security Blog
On March 27, 2026, TeamPCP injected a WAV steganography-based credential stealer into two releases of the telnyx Python SDK on PyPI. The issue was disclosed in team-telnyx/telnyx-python#235. TeamPCP is the same group behind the litellm supply chain compromise three days earlier, identified by a shared RSA-4096 public key, identical encryption scheme, and the tpcp.tar.gz exfiltration signature present in both attacks.
4 days ago
litellm: Credential Stealer Hidden in PyPI Wheel
Step Security Blog
On March 24, 2026, a critical supply chain compromise was identified in litellm==1.82.8: the PyPI package contains a malicious litellm_init.pth file
9 days ago
Checkmarx KICS GitHub Action Compromised: Malware Injected in All Git Tags
Step Security Blog
All release tags in the Checkmarx/kics-github-action repository have been compromised with an infostealer payload. If you are using this Action pinned to any version tag, treat your CI/CD secrets as compromised and rotate immediately.
11 days ago
CanisterWorm: How a Self-Propagating npm Worm Is Spreading Backdoors Across the Ecosystem
Step Security Blog
Following Trivy's compromise, StepSecurity's AI Package Analyst flagged suspicious new releases across multiple npm scopes — revealing CanisterWorm, a self-propagating npm worm deployed by the TeamPCP threat actor. The worm is a direct continuation of the second Trivy compromise (v0.69.4): attackers embedded a credential harvester in Trivy's CI/CD toolchain, stole npm tokens from affected pipelines, then used those tokens to publish backdoored patch versions across every namespace they could reach — including the @opengov scope (16+ packages).
11 days ago
Trivy Compromised a Second Time - Malicious v0.69.4 Release, aquasecurity/setup-trivy, aquasecurity/trivy-action GitHub Actions Compromised
Step Security Blog
On March 19, 2026, trivy — a widely used open source vulnerability scanner maintained by Aqua Security — experienced a second security incident. Three weeks after the hackerbot-claw incident on February 28 that resulted in a repository takeover, a new compromised release (v0.69.4) was published to the trivy repository. The original incident disclosure discussion (#10265) was also deleted during this period, and version tags on the aquasecurity/setup-trivy GitHub Action were removed. Trivy maintainers deleted the v0.69.4 tag and Homebrew downgraded to v0.69.3. The following is a factual account of what we observed through public GitHub data.
11 days ago
bittensor-wallet 4.0.2 Compromised on PyPI - Backdoor Exfiltrates Private Keys
Step Security Blog
On March 17, 2026, bittensor-wallet 4.0.2 was identified as a compromised PyPI package. The malicious release had been live on PyPI for approximately 48 hours before being yanked. This post is a ground-up technical breakdown based on a direct diff of the source tarballs for versions 4.0.1 and 4.0.2 — covering exactly what changed, how the backdoor works, and what defenders should do. We also ran the compromised package with StepSecurity Harden Runner and captured every C2 channel firing in real time.
11 days ago
Malicious npm Releases Found in Popular React Native Packages - 130K+ Monthly Downloads Compromised
Step Security Blog
On March 16, 2026, StepSecurity Threat Intel was the first to detect and report malicious releases in two popular React Native npm packages — react-native-international-phone-number and react-native-country-select. StepSecurity's AI Package Analyst flagged the compromised versions, and within minutes, StepSecurity filed security issues directly in both GitHub repositories — alerting the maintainer and the community before any other security vendor.
11 days ago
Malicious Polymarket Bot Hides in Hijacked dev-protocol GitHub Org and Steals Wallet Keys
Step Security Blog
The StepSecurity threat intelligence team discovered that dev-protocol — a verified GitHub organization with 568 followers belonging to a legitimate Japanese DeFi project — has been hijacked and is now being used to distribute malicious Polymarket trading bots.
11 days ago
ForceMemo: Hundreds of GitHub Python Repos Compromised via Account Takeover and Force-Push
Step Security Blog
The StepSecurity threat intelligence team was the first to discover and report on an ongoing campaign — which we are tracking as ForceMemo — in which an attacker is compromising hundreds of GitHub accounts and injecting identical malware into hundreds of Python repositories. The earliest injections date to March 8, 2026, and the campaign is still active with new repos continuing to be compromised.
11 days ago
xygeni-action Compromised: C2 Reverse Shell Backdoor Injected via Tag Poisoning
Step Security Blog
The official Xygeni GitHub Action (xygeni-action) was compromised on March 3, 2026, when an attacker using stolen maintainer credentials injected a full C2 reverse shell backdoor and silently moved the mutable v5 tag to the malicious commit - affecting all repositories referencing @v5 without any visible change to their workflow files. The v5 tag remains poisoned as of March 9; users should immediately pin to v6.4.0 or a specific commit SHA, and StepSecurity's Harden-Runner would have detected and blocked the C2 callback to 91.214.78.178.
11 days ago
hackerbot-claw: An AI-Powered Bot Actively Exploiting GitHub Actions - Microsoft, DataDog, and CNCF Projects Hit So Far
Step Security Blog
A week-long automated attack campaign targeted CI/CD pipelines across major open source repositories, achieving remote code execution in at least 4 out of 5 targets. The attacker, an autonomous bot called hackerbot-claw, used 5 different exploitation techniques and successfully exfiltrated a GitHub token with write permissions from one of the most popular repositories on GitHub. This post breaks down each attack, shows the evidence, and explains what you can do to protect your workflows.
14 days ago
Dev Machine Guard Is Now Open Source: See What's Really Running on Your Developer Machine
Step Security Blog
Your developer machine is running AI agents, MCP servers, IDE extensions, and hundreds of packages. Do you know which ones? Now there's a free, open-source way to find out.
22 days ago
kubernetes-el Compromised: How a Pwn Request Exploited a Popular Emacs Package
Step Security Blog
On March 5, 2026, a threat actor exploited a classic "Pwn Request" vulnerability in the CI workflow of kubernetes-el/kubernetes-el, a popular Emacs package for managing Kubernetes clusters. The attacker stole the repository's GITHUB_TOKEN (with full write permissions), exfiltrated CI/CD secrets, defaced the repository, and injected destructive code.
1 month ago
Datadog's DevSecOps 2026 Report Validates What We've Been Building
Step Security Blog
Datadog's State of DevSecOps 2026 report confirms what StepSecurity has been warning about for years: CI/CD pipelines and GitHub Actions are prime targets for supply chain attacks. Learn how StepSecurity's platform directly mitigates every major risk identified in the report, from unpinned actions to day-of-release dependencies.
1 month ago
How StepSecurity Caught a Release Storm in Microsoft’s @types Packages
Step Security Blog
StepSecurity AI Package Analyst detected 70+ ghost releases across npm's most trusted TypeScript packages.
1 month ago
Harden Runner Now Supports Windows and macOS GitHub Actions Runners
Step Security Blog
Harden Runner now supports Windows and macOS GitHub Actions runners, delivering EDR-level runtime security across Linux, Windows, and macOS CI/CD pipelines
1 month ago
Securing Vibe Coding and AI Coding Agents: An End-to-End Approach with StepSecurity
Step Security Blog
AI coding agents install packages, create pull requests, push commits, and run autonomously in CI/CD pipelines. Here's how to secure every stage of that workflow
1 month ago
StepSecurity’s Unified Protection Across the SDLC Infrastructure Threat Framework (SITF)
Step Security Blog
How StepSecurity delivers real-world protection across all critical pillars identified in Wiz's SDLC Infrastructure Threat Framework (SITF)
2 months ago
10,000 Open-Source Projects Now Secured by Harden-Runner Community-Tier: A Milestone Three Years in the Making
Step Security Blog
From 5,000 to 10,000 in just one year: How Harden-Runner doubled its reach and became the standard for CI/CD runtime security
2 months ago
20+ Popular NPM Packages Compromised (Chalk, Debug, Strip-ANSI, Color-Convert, Wrap-ANSI...)
Step Security Blog
Massive NPM supply chain attack targets cryptocurrency users through compromised maintainer account - affecting packages downloaded billions of times weekly including debug, chalk, ansi-styles, color-convert, strip-ansi and 15+ other critical JavaScript packages. Malicious code injected to steal cryptocurrency wallets and redirect blockchain transactions.
2 months ago
2024 in Review: The Evolution of CI/CD Security & What's Next
Step Security Blog
Discover the key developments in CI/CD security in 2024, including major incidents, real-world case studies, and emerging trends for 2025. Learn how StepSecurity is driving innovation to secure CI/CD pipelines with proactive solutions.
2 months ago
How to Use Docker in Actions Runner Controller (ARC) Runners Securely
Step Security Blog
Discover best practices for using Docker in Actions Runner Controller (ARC) runners securely. Learn how to implement network egress filtering and runtime security to protect your CI/CD pipelines effectively.
2 months ago
Celebrating 1000 Repositories Secured with Harden Runner: A Journey of Growth and Collaboration
Step Security Blog
StepSecurity Harden-Runner has secured 1,000+ repositories! Celebrate this milestone with us as we reflect on our journey of growth, collaboration, and commitment to enhancing CI/CD security.
2 months ago
StepSecurity Detects Early Supply Chain Risk Signals in kilocode npm
Step Security Blog
StepSecurity detected early supply chain risk signals in a legitimate kilocode npm release, showing how small behavior changes can quietly weaken trust before attacks happen
2 months ago
Another npm Supply Chain Attack: The 'is' Package Compromise
Step Security Blog
npm 'is' package versions 3.3.1 and 5.0.0 compromised - critical utility with millions of weekly downloads falls victim to expanding phishing campaign
2 months ago
anthropics/claude-code-action Security: How to Secure Claude Code in GitHub Actions with Harden-Runner
Step Security Blog
Unlike GitHub Copilot's built-in network firewall, anthropics/claude-code-action GitHub action operates in GitHub Actions without network restrictions by default. Complete guide to implementing Claude Code in GitHub Actions with runtime security monitoring using Harden-Runner.
2 months ago
Harden-Runner detection: tj-actions/changed-files action is compromised
Step Security Blog
tj-actions/changed-files
2 months ago
StepSecurity's Catalog of Fixes
Step Security Blog
Explore StepSecurity's Catalog of Fixes, a comprehensive resource to help developers automate security fixes in GitHub Actions workflows. Learn how to improve CI/CD security with actionable solutions.
2 months ago
Orchestrating Security: StepSecurity's Impact on 400+ Repositories and Future Plans
Step Security Blog
StepSecurity has secured over 400 repositories and is shaping the future of CI/CD security. Learn about our impact, key milestones, and upcoming plans to enhance GitHub Actions security.
2 months ago
Announcing Anomalous Outbound Call Detection Using Machine Learning
Step Security Blog
StepSecurity introduces anomalous outbound call detection using machine learning! Learn how this feature enhances CI/CD security by identifying and mitigating suspicious network activities in real-time.
2 months ago
Announcing GitHub Actions Advisor and StepSecurity Maintained Actions
Step Security Blog
Introducing GitHub Actions Advisor and StepSecurity-maintained Actions! Learn how these tools help developers enhance GitHub Actions security, manage third-party risks, and ensure workflow compliance effortlessly.
2 months ago
Analysis of Backdoored XZ Utils Build Process with Harden-Runner
Step Security Blog
Explore an in-depth analysis of the backdoored XZ Utils build process using StepSecurity Harden-Runner. Learn how real-time monitoring detected malicious activity and safeguarded CI/CD pipelines from supply chain attacks.
2 months ago
Announcing General Availability of Harden Runner
Step Security Blog
StepSecurity announces the general availability of Harden-Runner! Discover how this powerful tool enhances CI/CD security by monitoring network egress, detecting anomalies, and automating GitHub Actions protection.
2 months ago
Milestone Achieved: 2500+ Public Repositories Secured with Harden-Runner
Step Security Blog
StepSecurity Harden-Runner has secured 2,500+ public repositories! Learn how this milestone reflects the growing trust in CI/CD security solutions to protect GitHub Actions workflows and prevent supply chain attacks.
2 months ago
Build secretless CI/CD pipelines using wait-for-secrets
Step Security Blog
Learn how to build secure, secretless CI/CD pipelines using the "Wait for Secrets" approach by StepSecurity. Discover how to reduce secret exposure risks and enhance GitHub Actions security.
2 months ago
Introducing Apps & PATs: Centralized Visibility for GitHub Apps and Personal Access Tokens
Step Security Blog
Get visibility into GitHub Apps, fine-grained PATs, and classic PATs across all your organizations in one dashboard
2 months ago
CVE-2026-22709: Critical Sandbox Escape Vulnerability in vm2
Step Security Blog
CVE-2026-22709; vm2
2 months ago
StepSecurity Now Supports Dark Mode
Step Security Blog
StepSecurity now supports dark mode for a more comfortable security investigation experience. Reduce eye strain and stay focused during long CI/CD analysis sessions
2 months ago
Introducing StepSecurity Developer MDM: Protecting Developer Machines from Supply Chain Attacks
Step Security Blog
Modern supply chain attacks target developer machines and AI coding agents. Learn how StepSecurity Developer MDM stops credential theft early
3 months ago
2025 in Review: The Evolution of Supply Chain Security & What's Next
Step Security Blog
How StepSecurity achieved 5X ARR growth for the second year in a row while securing over 10,000 open-source repositories in 2025
3 months ago
Bake Harden-Runner Into GitHub's Custom Runner Images for Organization-Wide CI/CD Security
Step Security Blog
GitHub's new custom runner images let you embed Harden-Runner directly into your infrastructure, providing automatic runtime protection across all workflows without modifying a single workflow file
4 months ago
StepSecurity Is Now Available on Azure Marketplace
Step Security Blog
The StepSecurity App is now available on Azure Marketplace—simplifying procurement, deployment, and CI/CD security in one place.
4 months ago
Critical Remote Code Execution Vulnerabilities Discovered in React Server Components and Next.js
Step Security Blog
CVE-2025-55182;CVE-2025-66478;reactjs;nextjs
4 months ago
How Harden Runner Detected the Sha1-Hulud Supply Chain Attack in CNCF's Backstage Repository
Step Security Blog
A case study on detecting npm supply chain attacks through runtime monitoring and baseline anomaly detection
4 months ago
Supply Chain Security Alert: eslint-config-prettier Package Shows Signs of Compromise
Step Security Blog
We are currently investigating a potential supply chain security incident involving the eslint-config-prettier npm package. This widely-used package, which helps developers maintain consistent code formatting by turning off ESLint rules that conflict with Prettier, appears to have had multiple versions published with suspicious modifications.
4 months ago
9,000 Open-Source Projects Now Secured by Harden-Runner
Step Security Blog
StepSecurity Harden-Runner now protects 9,000+ open-source projects, delivering real-time CI/CD runtime security and defending pipelines against modern supply chain attacks.
4 months ago
Shai-Hulud: Self-Replicating Worm Compromises 500+ NPM Packages
Step Security Blog
The Shai-Hulud worm has infected over 500 NPM packages including @ctrl/tinycolor in an unprecedented self-propagating supply chain attack. The malware harvests AWS/GCP/Azure credentials using TruffleHog, establishes persistence through GitHub Actions backdoors, and automatically spreads to other maintainer packages - marking the first successful worm attack in the NPM ecosystem.
4 months ago
Introducing npm Package Search: Find Where Any Package Was Introduced Across Your GitHub Organizations
Step Security Blog
Instantly trace any npm package to its origin—across every repository, pull request, and contributor—with StepSecurity’s NPM Package Search.
5 months ago
StepSecurity Is Sponsoring GitHub Universe 2025
Step Security Blog
We’re thrilled to announce that we are sponsoring GitHub Universe 2025 as a Bronze Sponsor — our very first booth at a major conference!
6 months ago
s1ngularity: Popular Nx Build System Package Compromised with Data-Stealing Malware
Step Security Blog
s1ngularity attack hijacked Nx package on npm to steal cryptocurrency wallets, GitHub/npm tokens, SSH keys, and environment secrets - the first documented case of malware weaponizing AI CLI tools for reconnaissance and data exfiltration.
6 months ago
Introducing StepSecurity Threat Intelligence: Real-Time Supply Chain Attack Alerts for Your SIEM
Step Security Blog
Protect your software supply chain with StepSecurity Threat Intelligence. Get real-time alerts on compromised packages, seamless SIEM integration, and actionable intelligence to reduce MTTD and MTTR.
7 months ago
8,000 Strong: Harden-Runner's Growing Impact on CI/CD Security
Step Security Blog
StepSecurity’s Harden-Runner now protects 8,000+ repositories with EDR-style runtime monitoring for CI/CD pipelines, stopping supply chain attacks and securing GitHub Actions.
7 months ago
Securing Google Gemini in GitHub Actions with Harden-Runner
Step Security Blog
Learn how to secure Google Gemini in GitHub Actions with Harden-Runner, combining observability with runtime monitoring for CI/CD security
7 months ago
GhostAction Campaign: Over 3,000 Secrets Stolen Through Malicious GitHub Workflows
Step Security Blog
GitGuardian researchers discover massive supply chain attack affecting 817 repositories across 327 GitHub users. Malicious workflows exfiltrated 3,325 secrets including PyPI, npm, and DockerHub tokens through compromised developer accounts.
7 months ago
Introducing the NPM Package Cooldown Check
Step Security Blog
We’re excited to announce the release of our NPM Package Cooldown Check, which helps teams block newly released, potentially compromised dependencies, while still allowing emergency fixes and integrating seamlessly into GitHub workflows
7 months ago
Securing GitHub Copilot in GitHub Actions with Harden-Runner
Step Security Blog
Secure GitHub Copilot in CI/CD with StepSecurity Harden-Runner. Gain runtime visibility, block threats, and achieve true defense-in-depth.
7 months ago
Calculate Your CI/CD Security ROI with StepSecurity's New ROI Calculator
Step Security Blog
The ROI Calculator provides instant visibility into your GitHub Actions security gaps and quantifies the value of addressing them.
7 months ago
How StepSecurity Harden Runner Detected Unexpected Microsoft Defender Installation on GitHub-hosted Ubuntu Runners
Step Security Blog
Microsoft Defender was unexpectedly installed on multiple workflow runs from mid-July through mid-August, causing abnormal network traffic. StepSecurity Harden Runner detected this infrastructure anomaly within hours, and GitHub Support has since resolved the issue
7 months ago
StepSecurity Harden Runner: Detect source code tampering during the build process
Step Security Blog
Learn how StepSecurity Harden-Runner detects source code tampering during the build process. Discover how real-time monitoring enhances CI/CD security by preventing unauthorized code modifications.
7 months ago
Suspicious Tag Movement in AWS’s GitHub Action: What Happened and Why It Matters
Step Security Blog
How an AWS release rollback triggered the same red flags as a supply chain attack — and why treating every tag movement as suspicious is key to protecting your CI/CD pipelines
8 months ago
When 'Changed Files' Changed Everything: Our Black Hat 2025 Presentation on the tj-actions Supply Chain Breach
Step Security Blog
We reveal how baseline-driven monitoring caught one of 2025's most consequential CI/CD supply chain attacks, exposing the vulnerability of 23,000+ repositories including those from GitHub, Meta, and Microsoft.
8 months ago
Lessons from AWS CodeBuild’s Memory-Dump Incident (CVE-2025-8217)
Step Security Blog
How threat actors exploited AWS CodeBuild pipelines by stealing secrets from CI/CD memory—and the proactive defenses organizations can deploy to detect, respond to, and prevent such attacks.
8 months ago
Supply Chain Security Alert: num2words PyPI Package Shows Signs of Compromise
Step Security Blog
Popular Python Package num2words v0.5.15 Published Without Repository Tag, Linked to Known Threat Actor
8 months ago
When AI Meets CI/CD: Coding Agents in GitHub Actions Pose Hidden Security Risks
Step Security Blog
As organizations integrate AI coding agents into their development pipelines, new security considerations emerge. While these tools accelerate development, they require thoughtful security approaches to protect against novel attack vectors like Rules File Backdoor attacks and GITHUB_TOKEN compromise.
8 months ago
The GitHub Warning Everyone Ignores: 'This Commit Does Not Belong to Any Branch'
Step Security Blog
Several popular GitHub Actions have release processes where the release commit does not belong to any branch on the action repository.
8 months ago
8 GitHub Actions Secrets Management Best Practices to Follow
Step Security Blog
Discover GitHub Actions secrets management best practices to protect sensitive information in your CI/CD pipelines. Learn how to securely store, use, and manage secrets with actionable tips from StepSecurity.
8 months ago
reviewdog GitHub Actions are compromised
Step Security Blog
reviewdog GitHub Actions are compromised
9 months ago
7,000 Open-Source Projects Now Secured by Harden-Runner
Step Security Blog
StepSecurity’s Harden-Runner now protects over 7,000 GitHub repositories with real-time CI/CD runtime monitoring, threat detection, and supply chain security enforcement—backed by features like impostor commit alerts, process-based detections, and GitLab support.
9 months ago
Replace Third-Party Actions with StepSecurity Maintained Actions via Automated Pull Requests
Step Security Blog
Policy Driven PRs now upgrade third-party Actions to StepSecurity Maintained versions across your entire organization
9 months ago
StepSecurity Is Now Available on AWS Marketplace
Step Security Blog
The StepSecurity App is now available on AWS Marketplace—simplifying procurement, deployment, and CI/CD security in one place
9 months ago
Introducing StepSecurity Artifact Monitor: Detect Unauthorized Software Releases in minutes, not months
Step Security Blog
StepSecurity Artifact Monitoring continuously watches your artifact registries to verify every release follows your approved CI/CD process. When attackers bypass your secure pipeline using compromised credentials, you'll know within minutes instead of months
9 months ago
Introducing Workflow Run Policies: Guardrails for Blocking Non-Compliant GitHub Actions Runs
Step Security Blog
Workflow Run Policies enable you to block non-compliant GitHub Actions workflow runs, helping security and platform teams stop risky workflows before they execute
9 months ago
Harden-Runner Detects New Traffic to release-assets.githubusercontent.com Across Multiple Customers
Step Security Blog
StepSecurity's Harden-Runner detected unexpected traffic to release-assets.githubusercontent.com across multiple GitHub Actions workflows, prompting a swift investigation. Learn how baseline monitoring caught this change, why it matters for CI/CD security, and how to stay protected.
9 months ago
Grafana GitHub Actions Security Incident
Step Security Blog
On Saturday, April 26, 2025, Grafana Labs disclosed that an unauthorized user leveraged a vulnerability in a GitHub Actions workflow within a public Grafana Labs repository. This led to the exposure of a small number of secrets. Grafana Labs stated that their detections immediately triggered alerts, and the team responded by mitigating the vulnerability, rotating keys, and verifying that there was no access to production systems or data.
9 months ago
Export Harden-Runner Security Insights and Detections to Amazon S3
Step Security Blog
Export Harden-Runner security insights and detections to Amazon S3 for real-time analysis, long-term storage, and seamless SIEM integration.
9 months ago
Announcing Policy-Driven Automated Pull Requests for CI/CD Misconfiguration Remediation
Step Security Blog
Announcing Policy-Driven Automated Pull Requests for CI/CD Misconfiguration Remediation
9 months ago
Why Compliance Auditors Are Looking at Your CI/CD Runners - And How to Prepare
Step Security Blog
CI/CD runners are a critical but often overlooked security risk. Learn how unmonitored runners can expose your pipelines to supply chain attacks and compliance gaps (PCI-DSS, SOC 2, HIPAA, ISO 27001). Discover how StepSecurity Harden-Runner enhances CI/CD security with real-time monitoring, egress control, and process tracking.
9 months ago
Harden-Runner Flags Anomalous Outbound Call, Leading to Docker Documentation Update
Step Security Blog
Harden-Runner detected an unexpected outbound call from Docker across multiple customer environments. Surprisingly, it wasn’t listed in Docker’s allow list, and no EDR tool flagged it. Here’s how we identified it, reported it, and got it added to Docker’s documentation.
9 months ago
StepSecurity Harden-Runner Now Secures GitHub Actions Workflows for Over 5,000 Open Source Projects
Step Security Blog
StepSecurity Harden-Runner secures over 5,000 open-source GitHub Actions workflows! Learn how it prevents CI/CD supply chain attacks, integrates with GitHub Checks, and provides real-time security insights.
9 months ago
GitHub Actions Pwn Request Vulnerability
Step Security Blog
Learn about the 'Pwn Request' vulnerability in GitHub Actions, its risks, and how to secure workflows from exploitation. Discover best practices and tools like StepSecurity to protect against CI/CD threats.
9 months ago
Prevent Ultralytics Style CI/CD Security Attacks with Network Security Controls
Step Security Blog
Discover how a CI/CD vulnerability in Ultralytics' GitHub Actions was exploited to inject a cryptominer, exfiltrate secrets, and poison build caches. Learn how StepSecurity Harden-Runner detects and mitigates such threats with advanced runtime monitoring and network egress controls, safeguarding CI/CD pipelines from supply chain attacks.
9 months ago
PyTorch Supply Chain Compromise
Step Security Blog
Explore how a vulnerability in PyTorch's CI/CD pipeline exposed critical risks of self-hosted runners, enabling attacks on secrets, software releases, and cloud resources. Learn prevention strategies with StepSecurity's Harden Runner.
9 months ago
Unified Network Egress View: Centralize GitHub Actions Network Destinations for Your Enterprise
Step Security Blog
Discover StepSecurity’s Unified Network Egress View for GitHub Actions. Learn how to centralize and monitor network destinations across your enterprise to enhance CI/CD security and prevent data exfiltration.
9 months ago
Top 2024 Predictions for CI/CD Security
Step Security Blog
Explore key CI/CD security trends for 2024, including shifts to modern platforms, third-party component risks, rising security incidents, and the growing need for secure pipelines. Learn how to protect your organization from evolving threats in the CI/CD landscape.
9 months ago
Uniting Developers and Security: Celebrating the Success of 500+ Open Source Projects Using StepSecurity's Orchestration Platform
Step Security Blog
StepSecurity's orchestration platform is now securing 500+ open-source projects! Celebrate this milestone and learn how our platform unites developers and security teams to protect CI/CD workflows.
9 months ago
5 Effective Third-Party GitHub Actions Governance Best Practices
Step Security Blog
Secure your GitHub workflows with best practices for managing third-party GitHub Actions. Learn about risks, policies, code auditing, forking, pinning, and author verification to enhance CI/CD security.
9 months ago
StepSecurity Recognized Among CRN’s "10 Hottest DevOps Startups Of 2024"
Step Security Blog
StepSecurity is honored to be recognized among CRN's 10 Hottest DevOps Startups of 2024! Discover how we're transforming CI/CD security and protecting GitHub Actions workflows worldwide.
9 months ago
Streamline Your GitHub Actions Workflows with StepSecurity’s Latest Feature
Step Security Blog
Streamline your GitHub Actions workflows with StepSecurity! Learn how to automate security best practices, manage token permissions, and protect your CI/CD pipelines from supply chain attacks.
9 months ago
StepSecurity Steps Up the Security Game with SOC 2 Type 2 Compliance
Step Security Blog
StepSecurity has achieved SOC 2 Type 2 compliance, strengthening its commitment to security and data protection. Learn how this milestone enhances trust and ensures secure CI/CD solutions for organizations.
9 months ago
StepSecurity's Alignment with CISA's CI/CD Security Guidance
Step Security Blog
Learn how StepSecurity aligns with CISA's CI/CD security guidance to help organizations protect their CI/CD pipelines. Discover key security practices and how StepSecurity automates compliance.
9 months ago
StepSecurity Joins the Open Source Security Foundation (OpenSSF)
Step Security Blog
StepSecurity has joined the Open Source Security Foundation (OpenSSF)! Learn how this collaboration strengthens our mission to enhance open-source software security and protect CI/CD pipelines.
9 months ago
StepSecurity's Big Step: Announcing Our $3M Seed Funding!
Step Security Blog
StepSecurity secures $3M seed funding to revolutionize CI/CD pipeline security. Learn about our mission, unique approach, and roadmap to protect open-source and enterprise CI/CD environments.
9 months ago