Dossier
SSH persistence
Coverage of SSH persistence in the Nexus archive.
- Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft
A new software supply chain attack campaign uses sleeper packages to push malicious payloads, enabling credential theft, GitHub Actions tampering, and SSH persistence. The attack is attributed to the GitHub account 'BufferZoneCorp,' which published malicious Ruby gems and Go modules.