Tags
CI/CD
ATT&CK Tactic
Credential Access (TA0006)
Incidents
SIM-Swap to Data Leak on Dark Web, EleKtra-Leak, Sisense breach, Rabbit AI exposed keys in code, Mercedes-Benz source code exposure, ShinyHunters Ransomware Targeting Cloud Environments, tj-actions/changed-files supply chain attack, Zapier data breach, xAI leaked API key, GhostAction campaign, Shai-Hulud: Ongoing Package Supply Chain Compromise Delivering Data-Stealing Malware
References
https://www.lasso.security/blog/1500-huggingface-api-tokens-were-exposed-leaving-millions-of-meta-llama-bloom-and-pythia-users-for-supply-chain-attacks
Last edited
Jun 30, 2024 9:57 AM
Status
Stub
Defenses
Single Sign-On (SSO), CI/CD Configuration Scanning, Secret Scanning