Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I'm looking forward to the analysis how the attacker managed to compromise CI. I was reading through the workflow and what immediately jumped out was a cache poisoning attack. Seems plausible, given https://github.com/TanStack/config/pull/381

edit: two hard things in computer science: naming things, cache invalidation, off-by-one errors, security. something something



Yes it is a GitHub actions cache poisoning attack


Almost all these recent compromises seem to involve either cache poisoning or prompt injection via untrusted variables.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: