Tag: GitHub Actions
-
Introducing Artifact Attestations–now in public beta
There’s an increasing need across enterprises and the open source ecosystem to have a verifiable way to link software artifacts back to …
-
Where does your software (really) come from?
Software is a funny, profound thing: each piece of it is an invisible machine, seemingly made of magic words, designed to run on the …
-
Securing GitHub Actions for a safer DevOps pipeline
GitHub Actions provides a platform for continuous integration and continuous delivery (CI/CD), enabling your build, test, and deployment …
-
Use IAM roles to connect GitHub Actions to actions in AWS
Have you ever wanted to initiate change in an Amazon Web Services (AWS) account after you update a GitHub repository, or deploy updates in …
-
Introducing npm package provenance
Starting today, when you build your npm projects on GitHub Actions, you can publish provenance alongside your package by including the …
-
Todas as novidades do GitHub Universe 2022
Veja o que estamos construindo para aprimorar a plataforma de desenvolvimento mais integrada e que permite que pessoas desenvolvedoras e …
-
PurpleUrchin: GitHub Actions Hijacked for Crypto Mining
The Sysdig Threat Research Team has uncovered an extensive crypto mining operation, PurpleUrchin, which abuses free continuous integration …
-
Why we’re excited about the Sigstore general availability
Sigstore is a powerful new technology for signing, verifying, and protecting software supply chains, and we’re very excited by today’s …
-
Cloud-Based Cryptocurrency mining attacks abuse GitHub Actions and Azure VM
Researchers investigated cloud-based cryptocurrency mining attacks targeting GitHub Actions and Azure VMs. Researchers from Trend Micro …
-
Cloud-based Cryptocurrency Miners Targeting GitHub Actions and Azure VMs
GitHub Actions and Azure virtual machines (VMs) are being leveraged for cloud-based cryptocurrency mining, indicating sustained attempts on …
-
GitHub Enterprise Server 3.5 is now generally available
GitHub Enterprise Server 3.5 focuses on adding more security features to keep your code secure, along with updates to our developer …
-
5 simple things every developer can do to ship more secure code
Here’s a confession: As a developer, I don’t always prioritize security when I’m building new …
●●●