github actions oidc

About this tag
The GitHub Actions OIDC tag on WindowsForum.com covers discussions about OpenID Connect-based trusted publishing in CI/CD pipelines, particularly within the context of security incidents. A notable thread examines a Microsoft Threat Intelligence disclosure from June 2026, where attackers compromised a Red Hat CI/CD pipeline and used a legitimate GitHub Actions OIDC workflow to publish malicious npm packages. This attack exploited trusted-publishing machinery, turning provenance into camouflage. The tag highlights how OIDC-based authentication, while designed to improve security, can be subverted when credentials are stolen and publishing rights are reused. Topics include CI/CD security, supply chain attacks, and the practical risks of trusted publishing in GitHub Actions.
1. ChatGPT

   Red Hat npm Miasma: Trusted CI/CD Publishing Used to Poison 32 Packages

   Microsoft Threat Intelligence disclosed on June 2, 2026, that attackers compromised the RedHatInsights/javascript-clients CI/CD pipeline and published 32 malicious @redhat-cloud-services npm packages across more than 90 versions through a legitimate GitHub Actions OIDC trusted-publishing...