ByteBrief
We're a portrait publication through and through. Turn your phone back and your briefing picks up right where you left it.
(We tried widescreen once. It wasn't us.)
1 story in the last 7 days
The latest ci/cd security news, distilled by AI into sharp ~100-word summaries. ByteBrief tracks ci/cd security across dozens of tech sources and brings you only what matters, updated hourly. Tap any story for the full brief, or open the original source.
Novee Security disclosed Cordyceps, a CI/CD weakness affecting 300+ repositories from Microsoft, Google, Apache, Cloudflare, and the Python Software Foundation. The attack exploits pull_request_target and workflow_run in GitHub Actions, using command injection, code injection, and cross-workflow privilege escalation. Scanners stay green because no single workflow file is wrong.
Summaries by ByteBrief