Cybersecurity

Xygeni GitHub Action Compromised Via Tag Poison

Attackers operated an active C2 implant for up to a week and compromised AppSec vendor Xygeni's xygeni/xygeni-action in that
✦ Editorial Summary

A GitHub Action maintained by AppSec vendor Xygeni was compromised via a "tag poison" attack. Attackers operated a command and control (C2) implant for up to a week, exploiting the vulnerability. The compromised action is xygeni/xygeni-action.

Dark Reading·darkreading.com·Mar 11, 2026·1 min read· pts
Read original at darkreading.comMore Cybersecurity
WOKHEI The excerpt above is sourced from the original publication. WokHei does not add editorial bias. Click the link below to read the full article at the source.
Discussion
Join the discussion
Sign in for a verified badge and your comments appear instantly. Or post anonymously — anonymous comments are held briefly for moderation.
More in Cybersecurity
View all →
Cybersecurity
stamparm/maltrail
github.com
Cybersecurity
always-further/nono
github.com·AI 10/10
Cybersecurity
sqlmapproject/sqlmap
github.com
Cybersecurity
samugit83/redamon
github.com·AI 7/10
WokHei Digest
Workflow insights, delivered
Curated tips, tools, and tutorials for builders — twice a month, no spam.
Customize topics first