Recent Posts

• Grafana GitHub Actions Security Incident
  by varunsharma07on 4/28/2025, 1:02:29 AM with 2 comments
• Tj-actions/changed-files GitHub Action Compromised – used by over 23K repos
  by varunsharma07on 3/14/2025, 10:29:46 PM with 64 comments
• CI/CD supply chain attack on Azure Karpenter Provider open-source project
  by varunsharma07on 11/25/2024, 8:29:01 PM with 2 comments
• Security Breach in Stripe Repo: A Deep Dive into the "Pwn Request" Vulnerability
  by varunsharma07on 9/6/2024, 4:50:46 AM with 0 comments
• An Obscure Actions Workflow Vulnerability in Google's Flank
  by varunsharma07on 4/16/2024, 5:57:19 PM with 2 comments
• Show HN: GitHub Actions Advisor – View security scores of GitHub Actions you use
  by varunsharma07on 1/17/2024, 6:25:26 PM with 0 comments
• How Google secures their GitHub Actions workflows with StepSecurity
  by varunsharma07on 11/8/2023, 6:46:24 PM with 0 comments
• Protect Against CI/CD Attacks That Poison GitHub Actions Workflows
  by varunsharma07on 7/26/2023, 6:45:05 PM with 0 comments
• Celebrating Success of 500 Open Source Projects Using StepSecurity's Platform
  by varunsharma07on 7/11/2023, 10:52:16 PM with 1 comment
• Show HN: AI-CodeWise – Transforming Code Reviews with AI-Powered Analysis
  by varunsharma07on 5/10/2023, 5:40:48 PM with 0 comments
• Show HN: Secure your public GitHub repository with automated security fixes
  by varunsharma07on 3/8/2023, 8:09:07 PM with 0 comments
• In Scorecard We Trust
  by varunsharma07on 1/26/2023, 1:38:10 AM with 1 comment
• DevOps Self-Service Centric Pipeline Security and Guardrails
  by varunsharma07on 1/25/2023, 11:19:02 PM with 1 comment
• Show HN: Protect Your CI/CD from SolarWinds-Type Attacks with This Agent
  by varunsharma07on 1/25/2023, 6:30:34 PM with 1 comment