adnanthekhan.com/2024/01/19/web3s-achilles-heel-a-supply-chain-attack-on-astar-network
Preview meta tags from the adnanthekhan.com website.
Linked Hostnames
21- 7 links toadnanthekhan.com
- 3 links togithub.com
- 3 links tojohnstawinski.com
- 2 links todocs.github.com
- 2 links towww.chia.net
- 1 link toapi.whatsapp.com
- 1 link tobughunters.google.com
- 1 link todocs.astar.network
Thumbnail
Search Engine Appearance
Web3's Achilles' Heel: A Supply Chain Attack on Astar Network
Overview John Stawinski and I have been conducting research and submitting bug bounty reports focusing on a specific type of poisoned pipeline execution attack that I like to refer as “Self-Hosted Runner Takeover”. It manifests when a public repository has an attached non-ephemeral self-hosted runner without requiring approval for workflows on the pull_request trigger. One of the organizations we discovered the vulnerability in was Astar network. According to Wikipedia, Astar Network is a blockchain that aims to become Polkadot’s “smart contract hub” and serves as a parachain for Polkadot.
Bing
Web3's Achilles' Heel: A Supply Chain Attack on Astar Network
Overview John Stawinski and I have been conducting research and submitting bug bounty reports focusing on a specific type of poisoned pipeline execution attack that I like to refer as “Self-Hosted Runner Takeover”. It manifests when a public repository has an attached non-ephemeral self-hosted runner without requiring approval for workflows on the pull_request trigger. One of the organizations we discovered the vulnerability in was Astar network. According to Wikipedia, Astar Network is a blockchain that aims to become Polkadot’s “smart contract hub” and serves as a parachain for Polkadot.
DuckDuckGo
https://adnanthekhan.com/2024/01/19/web3s-achilles-heel-a-supply-chain-attack-on-astar-networkWeb3's Achilles' Heel: A Supply Chain Attack on Astar Network
Overview John Stawinski and I have been conducting research and submitting bug bounty reports focusing on a specific type of poisoned pipeline execution attack that I like to refer as “Self-Hosted Runner Takeover”. It manifests when a public repository has an attached non-ephemeral self-hosted runner without requiring approval for workflows on the pull_request trigger. One of the organizations we discovered the vulnerability in was Astar network. According to Wikipedia, Astar Network is a blockchain that aims to become Polkadot’s “smart contract hub” and serves as a parachain for Polkadot.
General Meta Tags
13- titleWeb3's Achilles' Heel: A Supply Chain Attack on Astar Network | Adnan Khan's Blog
- charsetutf-8
- X-UA-CompatibleIE=edge
- viewportwidth=device-width, initial-scale=1, shrink-to-fit=no
- robotsindex, follow
Open Graph Meta Tags
7- og:urlhttps://adnanthekhan.com/2024/01/19/web3s-achilles-heel-a-supply-chain-attack-on-astar-network/
- og:site_nameAdnan Khan's Blog
- og:titleWeb3's Achilles' Heel: A Supply Chain Attack on Astar Network
- og:descriptionOverview John Stawinski and I have been conducting research and submitting bug bounty reports focusing on a specific type of poisoned pipeline execution attack that I like to refer as “Self-Hosted Runner Takeover”. It manifests when a public repository has an attached non-ephemeral self-hosted runner without requiring approval for workflows on the pull_request trigger. One of the organizations we discovered the vulnerability in was Astar network. According to Wikipedia, Astar Network is a blockchain that aims to become Polkadot’s “smart contract hub” and serves as a parachain for Polkadot.
- og:localeen-us
Twitter Meta Tags
4- twitter:cardsummary_large_image
- twitter:imagehttps://adnanthekhan.com/wp-content/uploads/2024/01/12885-1.png
- twitter:titleWeb3's Achilles' Heel: A Supply Chain Attack on Astar Network
- twitter:descriptionOverview John Stawinski and I have been conducting research and submitting bug bounty reports focusing on a specific type of poisoned pipeline execution attack that I like to refer as “Self-Hosted Runner Takeover”. It manifests when a public repository has an attached non-ephemeral self-hosted runner without requiring approval for workflows on the pull_request trigger. One of the organizations we discovered the vulnerability in was Astar network. According to Wikipedia, Astar Network is a blockchain that aims to become Polkadot’s “smart contract hub” and serves as a parachain for Polkadot.
Link Tags
7- apple-touch-iconhttps://adnanthekhan.com/apple-touch-icon.png
- canonicalhttps://adnanthekhan.com/2024/01/19/web3s-achilles-heel-a-supply-chain-attack-on-astar-network/
- iconhttps://adnanthekhan.com/favicon.ico
- iconhttps://adnanthekhan.com/favicon-16x16.png
- iconhttps://adnanthekhan.com/favicon-32x32.png
Website Locales
1
enhttps://adnanthekhan.com/2024/01/19/web3s-achilles-heel-a-supply-chain-attack-on-astar-network/
Links
33- https://adnanthekhan.com
- https://adnanthekhan.com/2023/12/20/one-supply-chain-attack-to-rule-them-all
- https://adnanthekhan.com/about
- https://adnanthekhan.com/archives
- https://adnanthekhan.com/posts