Build & CI/CD Security Alerts

Build & CI/CD Security Alerts is where DevOps, DevSecOps, AppSec teams, and security leaders can track the vulnerabilities, attacks, and disclosures that matter most to build systems and CI/CD pipelines. Instead of rehashing general cybersecurity news, we focus on what each alert means inside for the build environment: how it could affect dependency retrieval, secrets exposure, unauthorized outbound connections, artifact integrity, and software supply chain risk at the last mile.

This page is designed for teams that want timely, practical analysis of build-time threats and clearer guidance on how to strengthen their defenses and reduce risk.

Security Alerts

In the News

GlassWorm: Invisible-Code Supply Chain Worm Attack

GlassWorm: The Invisible Unicode Supply Chain Worm Targeting CI/CD Pipelines Date Observed: October 2025 – ongoing (March 2026) Ecosystem: VS

March 30, 2026

SANDWORM_MODE: How a Shai-Hulud-Style npm Worm Targets CI/CD Pipelines

SANDWORM_MODE: A New Wave of npm Supply Chain Attacks Targeting CI/CD Pipelines Date of Discovery: February 20, 2026 Ecosystem: npm

March 17, 2026

Hackerbot-Claw: AI-Driven Pull Request Exploits in GitHub Actions CI/CD

Hackerbot-Claw: AI-Driven Pull Request Exploits in GitHub Actions CI/CD Date Observed: Late February 2026 Ecosystem: GitHub Actions CI/CD Attack Type:

March 17, 2026

The ‘s1ngularity’ Attack: Weaponizing AI CLI Tools and How InvisiRisk Stops It

The nx “s1ngularity” Attack: Weaponizing AI CLI Tools and How InvisiRisk Stops It Date of Attack: August 26, 2025 Impact:

December 12, 2025

Shai-Hulud NPM Worm Attack: Overview and InvisiRisk Protection

Shai-Hulud NPM Worm Attack: Overview and InvisiRisk Protection A novel self-propagating malware strain dubbed the Shai-Hulud worm has recently infected

September 25, 2025

How InvisiRisk Protects

The Great NPM Heist: How the Attack Worked & How InvisiRisk Can Help Stop It

The Great NPM Heist: What Happened and How InvisiRisk Protects You In early September 2025 attackers orchestrated a large-scale supply

September 19, 2025

Git’s Silent Takeover: How a Simple Clone Command Can Compromise Your Entire System

Git’s Silent Takeover: How a Simple Clone Command Can Compromise Your Entire System (CVE-2025-48384) In the world of software development,

September 9, 2025

GitHub’s ‘Pwn Request’ misconfiguration: How InvisiRisk BAF Shields Your CI/CD from Hidden Threats

GitHub’s “Pwn Request” Misconfiguration: How InvisiRisk BAF Shields Your CI/CD from Hidden Threats The automation prowess of GitHub Actions, a

July 14, 2025

CVE-2025-29927: Next.js Middleware Bypass & How to Prevent It

Next.js Middleware Vulnerability (CVE-2025-29927): How InvisiRisk BAF Provides Real-Time Protection Introduction In the ever-evolving landscape of web development, security remains

April 1, 2025

baf

How InvisiRisk BAF Mitigates GitHub Actions Supply Chain Attacks

How InvisiRisk BAF Effectively Mitigates GitHub Actions Supply Chain Attacks Like the Ultralytics Attack Introduction The rise of automation in

March 27, 2025