cicd ai github Copilot or Coconspirator - Tricking GitHub Copilot and Stealing all Your Secrets Jan 7, 2026
cicd bugbounty Who's SHA is it Anyway: Bypassing Google Cloud Build Comment Control for $30,000 Jul 21, 2025
cicd githubactions security (Not So) Safe{Wallet}: GitHub Actions Risks Impacting Safe's Frontend Feb 27, 2025
cicd githubactions security Cacheract: The Monster in your Build Cache In this post, I demonstrate Cacheract, which is an open source proof-of-concept for 'Cache Native Malware' that exploits GitHub Actions cache misconfigurations. Dec 22, 2024
bugbounty cicd githubactions Release-Drafter To google/accompanist Compromise: VRP Writeup Nov 12, 2024
cicd githubactions security RoguePuppet - A Critical Puppet Forge Supply Chain Vulnerability Jul 2, 2024
bug-bounty cicd github One Supply Chain Attack to Rule Them All - Poisoning GitHub's Runner Images Dec 20, 2023