Tag index
Generated from page-level ## Tags sections. Each tag below links to the pages that currently use it.
All tags
- 3CX (1)
- Accellion (1)
- ai-agent (1)
- Albania (1)
- appliance (1)
- AWS (1)
- Barracuda (1)
- Bash Uploader (1)
- Bitbucket (1)
- branch-name-injection (1)
- build-time compromise (1)
- CCleaner (1)
- CI/CD (9)
- CircleCI (1)
- Citrix (1)
- cloud (1)
- Cloudflare (1)
- Codecov (1)
- Coinbase (1)
- ConnectWise (1)
- credential theft (2)
- credential-theft (1)
- critical-infrastructure (1)
- CVE-2023-2868 (1)
- CVE-2023-4966 (1)
- CVE-2024-1708 (1)
- CVE-2024-1709 (1)
- CVE-2024-3094 (2)
- data theft (1)
- developer machines (1)
- DEWMODE (1)
- edge appliance (1)
- email (1)
- email gateway (1)
- energy-sector (1)
- ESG (1)
- espionage (3)
- extortion (1)
- faketivism (1)
- filename-injection (1)
- FTA (1)
- GCS (1)
- GitHub (1)
- GitHub Actions (6)
- GitHub OAuth (1)
- group (1)
- groups (2)
- hack-and-leak (1)
- HAR files (1)
- ICONICSTEALER (1)
- ICS (1)
- identity (1)
- Iran (1)
- Israel (1)
- legacy software (1)
- liblzma (1)
- Linux (1)
- macOS (1)
- maintainer persona (1)
- malicious releases (1)
- malware (2)
- MFA bypass (2)
- MOIS (1)
- MSP (1)
- NetScaler (1)
- npm (3)
- Okta (2)
- operations (19)
- ops (16)
- people (1)
- persistence (4)
- Piriform (1)
- prompt-injection (1)
- psychological operations (1)
- PyPI (1)
- release tampering (1)
- remote access (1)
- reviewdog (1)
- Russia (2)
- sabotage (1)
- ScreenConnect (1)
- script-injection (1)
- secret exposure (1)
- secrets (2)
- session hijacking (2)
- session theft (1)
- ShadowPad (1)
- signed updates (1)
- smishing (1)
- spearphishing (1)
- SSH (1)
- state-linked (1)
- supply-chain (13)
- tag tampering (1)
- TeamPCP (1)
- TeamViewer (1)
- Telegram (1)
- tj-actions (1)
- token theft (1)
- tooling (5)
- Trading Technologies (1)
- transnational repression (1)
- Twilio (1)
- watering-hole (1)
- Windows (2)
- wiper (1)
- worm (3)
- X_TRADER (1)
- xz (1)
- Zero Trust (1)
3CX
Accellion
ai-agent
Albania
appliance
AWS
Barracuda
Bash Uploader
Bitbucket
branch-name-injection
build-time compromise
CCleaner
CI/CD
- CircleCI 2023 customer secret exposure incident
- Codecov Bash Uploader compromise
- HackerBot Claw
- HackerBot Claw GitHub Actions exploitation campaign
- LiteLLM compromise
- TeamPCP
- tj-actions and reviewdog compromise
- Trivy compromise
- Trivy → TeamPCP → CanisterWorm: compromise timeline
CircleCI
Citrix
cloud
Cloudflare
Codecov
Coinbase
ConnectWise
credential theft
credential-theft
critical-infrastructure
CVE-2023-2868
CVE-2023-4966
CVE-2024-1708
CVE-2024-1709
CVE-2024-3094
data theft
developer machines
DEWMODE
edge appliance
email gateway
energy-sector
ESG
espionage
extortion
faketivism
filename-injection
FTA
GCS
GitHub
GitHub Actions
- HackerBot Claw
- HackerBot Claw GitHub Actions exploitation campaign
- TeamPCP
- tj-actions and reviewdog compromise
- Trivy compromise
- Trivy → TeamPCP → CanisterWorm: compromise timeline
GitHub OAuth
group
groups
hack-and-leak
HAR files
ICONICSTEALER
ICS
identity
Iran
Israel
legacy software
liblzma
Linux
macOS
maintainer persona
malicious releases
malware
MFA bypass
MOIS
MSP
NetScaler
npm
Okta
operations
- 0ktapus phishing campaign
- 3CX desktop app compromise
- Accellion FTA exploitation campaign
- Barracuda ESG zero-day backdoor campaign
- CanisterWorm
- CCleaner signed-update compromise
- CircleCI 2023 customer secret exposure incident
- CitrixBleed session-hijack wave
- Codecov Bash Uploader compromise
- ConnectWise ScreenConnect exploitation wave
- HackerBot Claw
- HackerBot Claw GitHub Actions exploitation campaign
- LiteLLM compromise
- Okta support-system compromise
- TeamPCP
- tj-actions and reviewdog compromise
- Trivy compromise
- Trivy → TeamPCP → CanisterWorm: compromise timeline
- XZ Utils backdoor
ops
- 0ktapus phishing campaign
- 3CX desktop app compromise
- Accellion FTA exploitation campaign
- Barracuda ESG zero-day backdoor campaign
- CCleaner signed-update compromise
- CircleCI 2023 customer secret exposure incident
- CitrixBleed session-hijack wave
- Codecov Bash Uploader compromise
- ConnectWise ScreenConnect exploitation wave
- HackerBot Claw GitHub Actions exploitation campaign
- LiteLLM compromise
- Okta support-system compromise
- tj-actions and reviewdog compromise
- Trivy compromise
- Trivy → TeamPCP → CanisterWorm: compromise timeline
- XZ Utils backdoor
people
persistence
Piriform
prompt-injection
psychological operations
PyPI
release tampering
remote access
reviewdog
Russia
sabotage
ScreenConnect
script-injection
secret exposure
secrets
session hijacking
session theft
ShadowPad
signed updates
smishing
spearphishing
SSH
state-linked
supply-chain
- 3CX desktop app compromise
- APT29
- CanisterWorm
- Codecov Bash Uploader compromise
- HackerBot Claw
- HackerBot Claw GitHub Actions exploitation campaign
- JiaT75
- LiteLLM compromise
- TeamPCP
- tj-actions and reviewdog compromise
- Trivy compromise
- Trivy → TeamPCP → CanisterWorm: compromise timeline
- XZ Utils backdoor
tag tampering
TeamPCP
TeamViewer
Telegram
tj-actions
token theft
tooling
- CanisterWorm
- HackerBot Claw
- LiteLLM compromise
- TeamPCP
- Trivy → TeamPCP → CanisterWorm: compromise timeline