Tag: action

security

TeamPCP’s Checkmarx GitHub Actions Attack: What You Need to Know

TeamPCP’s Checkmarx GitHub Actions Attack: What You Need to Know A supply chain incident becomes far more dangerous when it stops looking like a single breach and starts behaving like a multiplier. That is what made the TeamPCP campaign stand out in March 2026. The compromise of Checkmarx GitHub Actions and developer tooling became one […]

Mehr lesen →
security

SANS Stormcast Tuesday, August 26th, 2025: Decoding Word Reading Location; Image Downscaling AI Vulnerability; IBM Jazz Team Server Vuln

Reading Location Position Value in Microsoft Word Documents Jessy investigated how Word documents store the last visited document location in the registry. https://isc.sans.edu/diary/Reading%20Location%20Position%20Value%20in%20Microsoft%20Word%20Documents/32224 Weaponizing image scaling against production AI systems AI systems often downscale images before processing them. An attacker can create a harmless looking image that would reveal text after downscaling leading to prompt […]

Mehr lesen →