Palo Alto Networks

GitHub

The GitHub Actions Worm: Compromising GitHub Repositories Through the Actions Dependency Tree

Learn how a novel attack vector in GitHub Actions allows attackers to distribute malware across repositories using a technique that exploits the actions dependency tree and puts countless open-source projects and internal repositories at risk. Get an in-depth look at the attack vectors, technical details and a real-world demo in this blog post highlighting our latest research.

As the premier platform for hosting open-source projects, GitHub’s popularity has boosted the popula...

AppSec

CI/CD

DevOps

Research

Sep 14, 2023

By Asi Greenholts

Palo Alto Networks

Products and Services

Partners

CI/CD, DevOps

Unpinnable Actions: How Malicious Code Can Sneak into Your GitHub Actions W...

In today’s post, we look at action pinning, one of the profound mitigations against supply chain attacks in the GitHub Actions ecosystem. It turns out, though, that action pinning...

Aug 30, 2023

By Yaron Avital

AppSec, CI/CD, Research

Third-Party GitHub Actions: Effects of an Opt-Out Permission Model

GitHub Actions has gained immense popularity in recent years as a powerful and flexible automation platform for software development workflows. With its intuitive user interface, e...

Aug 16, 2023

By Yaron Avital

DevSecOps, Secure the Cloud

Top 3 IAM Risks in Your GitHub Organization

Identity and access management (IAM) has always been an area of focus for organizations, particularly when it comes to source control management systems (SCM). And rightly so — inadequate identity and access ma...

Jul 18, 2023

By Omer Gil and Yaron Avital

Playbook of the Week

Playbook of the Week: Automating CI/CD Pull Requests in GitHub

Continuous integration and delivery (CI/CD) is the set of processes that helps DevOps teams build and deliver high-quality software quickly. Integrating security into CI/CD typical...

Feb 17, 2023

By Shelly Tzohar

DevSecOps

Shift Security Left with Git Repo Vulnerability Management

There is good evidence for a correlation between organizations that are highly prepared to deal with security events, and those that embed security into their DevOps processes. In...

Oct 13, 2020

By Keith Mokris

Unit 42

Dimnie: Hiding in Plain Sight

A note to readers: The code samples included within this blog post may trigger alerts from your security software. Please note that this does not indicate an infection or an attack; rather, it is a notification that the code could be malicious if it were live.

Mar 28, 2017

By Brandon Levene, Dominik Reichel and Esmid Idrizovic

Malware, Mobility, Threat Prevention

Palo Alto Networks Discovers New Trend in Mobile Malware Distribution

Candy Crush, Clash of Clans, Flappy Bird – if you’re a fan of gaming on mobile devices, you’ve likely already heard (and are probably already playing)...

Apr 15, 2014

By Scott Simkin

Cybersecurity

Examining the Worst Data Breaches of 2013: Part 2

Yesterday, we looked at why this year’s Adobe breach was unique in both scale and what it caused for ripple effects in the security industry. Now let’s continue and look at more of the worst data breaches of 20...

Dec 13, 2013

By Scott Simkin

Load more blogs