| ▲ | wereHamster 4 hours ago | |
I'm looking forward to the analysis how the attacker managed to compromise CI. I was reading through the workflow and what immediately jumped out was a cache poisoning attack. Seems plausible, given https://github.com/TanStack/config/pull/381 edit: two hard things in computer science: naming things, cache invalidation, off-by-one errors, security. something something | ||
| ▲ | dgellow 2 hours ago | parent | next [-] | |
Yes it is a GitHub actions cache poisoning attack | ||
| ▲ | silverwind 3 hours ago | parent | prev [-] | |
Almost all these recent compromises seem to involve either cache poisoning or prompt injection via untrusted variables. | ||