> TritonInfoSec News
Home / Mar 12, 2026 / Story
0
#4 Dark Reading general March 11, 2026 at 20:22 UTC

Xygeni GitHub Action Compromised Via Tag Poison

By Alexander Culafi

AI Summary

AppSec vendor Xygeni's GitHub Action was compromised via tag poisoning attack, with attackers operating an active C2 implant for up to a week. The xygeni/xygeni-action repository was targeted, potentially affecting software supply chain security for organizations using this GitHub Action.

Read full article → https://www.darkreading.com/application-security/x…

Relevance score: 88.0/100

# More from March 12

  1. 1
    CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed The Hacker News
  2. 2
    Medical device giant Stryker confirms cyberattack as employees say devices were wiped The Record
  3. 3
    14,000 routers are infected by malware that's highly resistant to takedowns Ars Technica Security
  4. 5
    New PhantomRaven NPM attack wave steals dev data via 88 packages BleepingComputer
  5. 6
    SQLi flaw in Elementor Ally plugin impacts 250k+ WordPress sites BleepingComputer
  6. 7
    Medtech giant Stryker offline after Iran-linked wiper malware attack BleepingComputer
  7. 8
    Microsoft Patches 84 Flaws in March Patch Tuesday, Including Two Public Zero-Days The Hacker News
  8. 9
    Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials The Hacker News
  9. 10
    UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours The Hacker News