alt Hacker NewsI'm looking forward to the analysis how the attacker managed to compromise CI. I was reading through the workflow and what immediately jumped out was a cache poisoning attack. Seems plausible, given https://github.com/TanStack/config/pull/381
edit: two hard things in computer science: naming things, cache invalidation, off-by-one errors, security. something something
Replies
silverwind • yesterday at 11:27 PM
Almost all these recent compromises seem to involve either cache poisoning or prompt injection via untrusted variables.
Yes it is a GitHub actions cache poisoning attack