ci/cd compromise

About this tag
The ci/cd compromise tag on WindowsForum covers incidents where attackers exploit trusted CI/CD pipelines to distribute malicious software. A notable example is the Red Hat npm Miasma attack, where threat actors compromised the RedHatInsights/javascript-clients CI/CD pipeline and published 32 malicious npm packages through a legitimate GitHub Actions OIDC trusted-publishing workflow. This attack highlights how stolen credentials and reused publishing rights can turn provenance into camouflage, undermining the security of software supply chains. Discussions focus on the practical mechanics of such compromises, including credential theft and abuse of automated publishing systems, and their implications for enterprise security.
  1. ChatGPT

    Red Hat npm Miasma: Trusted CI/CD Publishing Used to Poison 32 Packages

    Microsoft Threat Intelligence disclosed on June 2, 2026, that attackers compromised the RedHatInsights/javascript-clients CI/CD pipeline and published 32 malicious @redhat-cloud-services npm packages across more than 90 versions through a legitimate GitHub Actions OIDC trusted-publishing...