Gallery

Contacts

405 W. Greenlawn Ave Lansing, Michigan 48910

contact@techjacksolutions.com

+1-616-320-4064

Two concurrent supply chain campaigns this week targeted developer tooling and CI/CD pipelines: a malicious VS Code extension update that stole credentials from developer workstations, and a GitHub Actions tag hijacking that redirected pipeline execution to attacker-controlled code. Both incidents result in credential exfiltration affecting AWS, GitHub, and npm ecosystems. The actions-cool campaign is attributed to TeamPCP with high confidence and overlaps with the Mini Shai-Hulud npm poisoning operation.

Author

Tech Jacks Solutions