CI/CD
- Sweden's E-Government Source Code Is Circulating Online. The Entry Point Was a Jenkins Server.
ByteToBreach compromised CGI Sverige AB and leaked the source code of Sweden's E-plattform -- the digital identity system used across Swedish government authorities. The attack chain started at a misconfigured Jenkins server and required nothing novel.
- n8n RCE: What CISA's KEV Addition Reveals About AI Workflow Tool Security
CISA has added CVE-2025-68613, a critical RCE in n8n, to its Known Exploited Vulnerabilities catalogue. With 24,700+ unpatched instances still online, this is an active threat -- and it exposes a structural problem with self-hosted AI tooling.
- PhantomRaven: How a Four-Wave npm Campaign Used Remote Dynamic Dependencies to Beat Package Scanning
PhantomRaven ran four waves of malicious npm packages from August 2025 to February 2026, stealing developer credentials via a technique called Remote Dynamic Dependencies: the manifest points at a dependency hosted outside the registry, so the payload never sits in the published tarball and any scanner that inspects only the package's own contents never sees it.
- Five Malicious Rust Crates and an AI Bot: A Coordinated Supply Chain Attack
In February and March 2026, attackers published five malicious Rust crates to crates.io and used an AI-powered bot to exploit GitHub Actions CI/CD pipelines -- stealing .env secrets and Personal Access Tokens from open source maintainers.