Prevalence (%)
Incidents
LAPSUS$ campaignsMercedes-Benz source code exposureOkta source code theftXZ Utils backdoor incidentMicrosoft credential exposure on GitHubGitHub certificate theft incidentDropbox breachBackdoored self-hosted GitHub RunnerCompromise of Top.gg repoGitloker campaignNYT source code theftByteDance Rspack GitHub misconfigurationPyTorch GitHub misconfigurationTensorFlow GitHub misconfigurationBORN Group supply chain attackPython infrastructure leaked access tokenGitHub PAT leakage leading to RDS Database exfiltrationDropbox Github breachUltralytics compromiseKong image compromisetj-actions/changed-files supply chain attackGrafana GitHub Action attempted supply chain attackNode.js repository CI/CD vulnerable to RCExAI leaked API keyAWS CodeBuild Vulnerability Allows Build Process Secrets ExtractionGhostAction campaignShai-Hulud: Ongoing Package Supply Chain Compromise Delivering Data-Stealing Malware
Last edited
May 21, 2024 2:18 PM
CISA KEV
Metasploit
Nuclei
No. Incidents
6
Techniques
pwn requestRepository webhook abuseRegister self-hosted runnerScript injection into CICD workflow