Digest #205: GitHub Actions Exploitation, Terraform Internals, Passkeys Warning and Go Runtime
A bot exploiting GitHub Actions across Microsoft and CNCF projects, Terraform internals deep-dive, npm token theft via CI, and Go runtime scheduler explained.
Welcome to this week’s edition of the DevOps Bulletin.
An autonomous bot spent 7 days exploiting GitHub Actions across Microsoft, DataDog, Aqua Security, and CNCF projects — exfiltrating tokens with w…
