Security Boulevard

GitHub Actions Supply Chain Attack: Trivy Breach & Workflow

Breakdown of the Trivy GitHub Actions attack, including workflow misconfigurations, token theft, and supply chain exposure.
InfoQ

GitHub Actions Custom Runner Images Reach General Availability

GitHub has just announced the availability of custom images for its hosted runners. They've finally left the public preview ...
TheServerSide

10 best GitHub Actions examples

Community driven content discussing all aspects of software development from DevOps to design patterns. It all starts with a GitHub Actions workflow. Here’s how to create a run a workflow in the tool.
CSOonline

GitHub Actions typosquatting: A high-impact supply chain attack-in-waiting

Developers who mistype names and owners of GitHub Actions expose their repositories and accounts to malicious code execution, with significant software supply chain implications, researchers have ...
Visual Studio Magazine

Top 10 GitHub Copilot Extensions, Led by Docker and PerplexityAI

GitHub's fledgling Copilot extensions marketplace is taking shape, with Docker and PerplexityAI being the most popular tools offered so far. The Microsoft-owned company hosts guidance on how to "Build ...