Sign up to save your podcasts
Or
Share tj-actions with Endor Lab's Dimitri Stiliadis
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
tj-actions with Endor Lab's Dimitri Stiliadis
Dimitri Stiliadis, CTO from Endor Labs, discusses the recent tj-actions/changed-files supply chain attack, where a compromised GitHub Action exposed CI/CD secrets. We explore the impressive multi-stage attack vector and the broader often-overlooked vulnerabilities in our CI/CD pipelines, emphasizing the need to treat these build systems with production-level security rigor instead of ignoring them.
The show notes and blog post for this episode can be found at https://opensourcesecurity.io/2025/2025-04-tjactions_with_dimitri_stiliadis/
View all episodes
By Josh Bressers
4.6
4141 ratings
Dimitri Stiliadis, CTO from Endor Labs, discusses the recent tj-actions/changed-files supply chain attack, where a compromised GitHub Action exposed CI/CD secrets. We explore the impressive multi-stage attack vector and the broader often-overlooked vulnerabilities in our CI/CD pipelines, emphasizing the need to treat these build systems with production-level security rigor instead of ignoring them.
The show notes and blog post for this episode can be found at https://opensourcesecurity.io/2025/2025-04-tjactions_with_dimitri_stiliadis/
More shows like Open Source Security
View all
Risky Business
361 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
629 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
368 Listeners
LINUX Unplugged
262 Listeners
Hacked
177 Listeners
CyberWire Daily
1,011 Listeners
Late Night Linux
154 Listeners
Smashing Security
313 Listeners
Click Here
387 Listeners
CISO Series Podcast
188 Listeners
Hacking Humans
310 Listeners
Defense in Depth
78 Listeners
Self-Hosted
135 Listeners
2.5 Admins
89 Listeners
Risky Bulletin
33 Listeners