GitHub Actions

Trivy Supply-Chain Attack Poisons GitHub Action Tags to Steal CI/CD Secrets

Investigators attribute access to leftover credentials from a prior incident, prompting urgent audits.