
adnanthekhan.com/2023/12/20/one-supply-chain-attack-to-rule-them-all
Preview meta tags from the adnanthekhan.com website.
Linked Hostnames
21
- 13 links to github.com
- 7 links to adnanthekhan.com
- 5 links to docs.github.com
- 2 links to owasp.org
- 1 link to 0xn3va.gitbook.io
- 1 link to api.whatsapp.com
- 1 link to checkmarx.com
- 1 link to facebook.com
Search Engine Appearance
One Supply Chain Attack to Rule Them All - Poisoning GitHub's Runner Images
Preface Let’s think for a moment what a nightmare supply chain attack could be. An attack that would be so impactful that it could be chained to target almost every company in the world. For an attacker to carry out such an attack they would need to insert themselves into a component fundamental to building the largest open-source software projects on the Internet. What would an attacker need to target in order to carry out this attack? Cloud infrastructure would certainly qualify. What about build agents? Those would certainly be impactful, and SolarWinds put that attack on the map. If an attacker wanted more, the attacker would instead need to target SaaS companies providing hosted build services. Services like GitLab CI, TravisCI, CircleCI, BuildKite, and GitHub Actions fall within this category.
General Meta Tags
13
- title: One Supply Chain Attack to Rule Them All - Poisoning GitHub's Runner Images | Adnan Khan's Blog
- charset: utf-8
- X-UA-Compatible: IE=edge
- viewport: width=device-width, initial-scale=1, shrink-to-fit=no
- robots: index, follow
Open Graph Meta Tags
7
- og:url: https://adnanthekhan.com/2023/12/20/one-supply-chain-attack-to-rule-them-all/
- og:site_name: Adnan Khan's Blog
- og:title: One Supply Chain Attack to Rule Them All - Poisoning GitHub's Runner Images
- og:description: Preface Let’s think for a moment what a nightmare supply chain attack could be. An attack that would be so impactful that it could be chained to target almost every company in the world. For an attacker to carry out such an attack they would need to insert themselves into a component fundamental to building the largest open-source software projects on the Internet. What would an attacker need to target in order to carry out this attack? Cloud infrastructure would certainly qualify. What about build agents? Those would certainly be impactful, and SolarWinds put that attack on the map. If an attacker wanted more, the attacker would instead need to target SaaS companies providing hosted build services. Services like GitLab CI, TravisCI, CircleCI, BuildKite, and GitHub Actions fall within this category.
- og:locale: en-us
Twitter Meta Tags
4
- twitter:card: summary_large_image
- twitter:image: https://adnanthekhan.com/wp-content/uploads/2023/12/blog_square.png
- twitter:title: One Supply Chain Attack to Rule Them All - Poisoning GitHub's Runner Images
- twitter:description: Preface Let’s think for a moment what a nightmare supply chain attack could be. An attack that would be so impactful that it could be chained to target almost every company in the world. For an attacker to carry out such an attack they would need to insert themselves into a component fundamental to building the largest open-source software projects on the Internet. What would an attacker need to target in order to carry out this attack? Cloud infrastructure would certainly qualify. What about build agents? Those would certainly be impactful, and SolarWinds put that attack on the map. If an attacker wanted more, the attacker would instead need to target SaaS companies providing hosted build services. Services like GitLab CI, TravisCI, CircleCI, BuildKite, and GitHub Actions fall within this category.
Link Tags
7
- apple-touch-icon: https://adnanthekhan.com/apple-touch-icon.png
- canonical: https://adnanthekhan.com/2023/12/20/one-supply-chain-attack-to-rule-them-all/
- icon: https://adnanthekhan.com/favicon.ico
- icon: https://adnanthekhan.com/favicon-16x16.png
- icon: https://adnanthekhan.com/favicon-32x32.png
Website Locales
1
- en
https://adnanthekhan.com/2023/12/20/one-supply-chain-attack-to-rule-them-all/
Links
44
- https://0xn3va.gitbook.io/cheat-sheets/ci-cd/github/actions
- https://adnanthekhan.com
- https://adnanthekhan.com/about
- https://adnanthekhan.com/archives
- https://adnanthekhan.com/cdn-cgi/l/email-protection