SecurityWeek

GitHub Workflows Attack Affects Hundreds of Repos, Thousands of Secrets

A supply chain attack involving malicious GitHub Action workflows has impacted hundreds of repositories and thousands of secrets.
GitHub

Integrations with .NET Aspire for AWS

This repositry contains the integrations with .NET Aspire for AWS. The AWS integrations focus on provisioning and working with AWS application resources in development environment. Making the dev ...
SecurityWeek

Hackers Target Popular Nx Build System in First AI-Weaponized Supply Chain Attack

With more than 4 million weekly downloads, the Nx build platform became the first known supply chain breach where hackers weaponized AI assistants for data theft. Hackers stole thousands of ...
GitHub

aws-stepfunctions-tasks: CallAwsServiceCrossRegion credentials property does not work as expected for cross-account scenarios

The current implementation appears to assume the credentials role at the StateMachine level rather than passing it to the Lambda function for AWS SDK calls only. This causes the cross-account role to ...