GitHub Actions – Experimental News Clipping Site

Slashdot: Self-Replicating Worm Affected Several Hundred NPM Packages, Including CrowdStrike’s

Sep 20, 2025

—

by

Source URL: https://it.slashdot.org/story/25/09/20/0542237/self-replicating-worm-affected-several-hundred-npm-packages-including-crowdstrikes Source: Slashdot Title: Self-Replicating Worm Affected Several Hundred NPM Packages, Including CrowdStrike’s Feedly Summary: AI Summary and Description: Yes Summary: The Shai-Hulud malware campaign has affected numerous npm packages, including those maintained by CrowdStrike, via the injection of malicious scripts designed to steal developer credentials and exfiltrate sensitive information. The campaign highlights…

Cloud Blog: Automate app deployment and security analysis with new Gemini CLI extensions

Sep 10, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/products/ai-machine-learning/automate-app-deployment-and-security-analysis-with-new-gemini-cli-extensions/ Source: Cloud Blog Title: Automate app deployment and security analysis with new Gemini CLI extensions Feedly Summary: Find and fix security vulnerabilities. Deploy your app to the cloud. All without leaving your command-line. Today, we’re closing the gap between your terminal and the cloud with a first look at the future of…

Gemini: Meet your new AI coding teammate: Gemini CLI GitHub Actions

Aug 6, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://blog.google/technology/developers/introducing-gemini-cli-github-actions/ Source: Gemini Title: Meet your new AI coding teammate: Gemini CLI GitHub Actions Feedly Summary: Today, we’re introducing Gemini CLI GitHub Actions. It’s a no-cost, powerful AI coding teammate for your repository. It acts both as an autonomous agent for critical rou… AI Summary and Description: Yes Summary: The introduction of Gemini…

Simon Willison’s Weblog: Using GitHub Spark to reverse engineer GitHub Spark

Jul 24, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Jul/24/github-spark/ Source: Simon Willison’s Weblog Title: Using GitHub Spark to reverse engineer GitHub Spark Feedly Summary: GitHub Spark was released in public preview yesterday. It’s GitHub’s implementation of the prompt-to-app pattern also seen in products like Claude Artifacts, Lovable, Vercel v0, Val Town Townie and Fly.io’s Phoenix New. I wrote about Spark back…

Simon Willison’s Weblog: Continuous AI

Jun 27, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Jun/27/continuous-ai/#atom-everything Source: Simon Willison’s Weblog Title: Continuous AI Feedly Summary: Continuous AI GitHub Next have coined the term “Continuous AI" to describe "all uses of automated AI to support software collaboration on any platform". It’s intended as an echo of Continuous Integration and Continuous Deployment: We’ve chosen the term "Continuous AI” to align…

Simon Willison’s Weblog: llm-github-models 0.15

May 29, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/May/29/llm-github-models-015/ Source: Simon Willison’s Weblog Title: llm-github-models 0.15 Feedly Summary: llm-github-models 0.15 Anthony Shaw’s llm-github-models plugin just got an upgrade: it now supports LLM 0.26 tool use for a subset of the models hosted on the GitHub Models API, contributed by Caleb Brose. The neat thing about this GitHub Models plugin is that…

Simon Willison’s Weblog: Long context support in LLM 0.24 using fragments and template plugins

Apr 7, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Apr/7/long-context-llm/#atom-everything Source: Simon Willison’s Weblog Title: Long context support in LLM 0.24 using fragments and template plugins Feedly Summary: LLM 0.24 is now available with new features to help take advantage of the increasingly long input context supported by modern LLMs. (LLM is my command-line tool and Python library for interacting with LLMs,…

Hacker News: GitHub CodeQL Actions Critical Supply Chain Vulnerability (CodeQLEAKED)

Mar 30, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.praetorian.com/blog/codeqleaked-public-secrets-exposure-leads-to-supply-chain-attack-on-github-codeql/ Source: Hacker News Title: GitHub CodeQL Actions Critical Supply Chain Vulnerability (CodeQLEAKED) Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses a potential supply chain attack on GitHub’s CodeQL due to a publicly exposed GitHub token, emphasizing risks associated with CI/CD vulnerabilities. It highlights how such a breach could…

Hacker News: Whose code am I running in GitHub Actions?

Mar 25, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://alexwlchan.net/2025/github-actions-audit/ Source: Hacker News Title: Whose code am I running in GitHub Actions? Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses a recent security issue with the tj-actions/changed-files GitHub Action, highlighting the risks of mutable Git tags as opposed to immutable commit references in CI/CD processes. It emphasizes the…

Alerts: CISA Adds One Known Exploited Vulnerability to Catalog

Mar 24, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.cisa.gov/news-events/alerts/2025/03/24/cisa-adds-one-known-exploited-vulnerability-catalog Source: Alerts Title: CISA Adds One Known Exploited Vulnerability to Catalog Feedly Summary: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-30154 reviewdog action-setup GitHub Action Embedded Malicious Code Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and…

Tag: GitHub Actions