EPISODE · May 20, 2026 · 6 MIN
SANS Stormcast Wednesday, May 20th, 2026: Assume Supply Chain Compromise; GitHub Action Compromise;
from SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) · host Johannes Ullrich
TeamPCP Supply Chain Campaign: Activity Through 2026-05-17https://isc.sans.edu/diary/TeamPCP%20Supply%20Chain%20Campaign%3A%20Activity%20Through%202026-05-17/32994https://slsa.dev/spec/v0.1/levels Github Action Compromisehttps://www.stepsecurity.io/blog/actions-cool-issues-helper-github-action-compromised-all-tags-point-to-imposter-commit-that-exfiltrates-ci-cd-credentials How Storm-2949 turned a compromised identity into a cloud-wide breachhttps://www.microsoft.com/en-us/security/blog/2026/05/18/storm-2949-turned-compromised-identity-into-cloud-wide-breach/
What this episode covers
TeamPCP Supply Chain Campaign: Activity Through 2026-05-17https://isc.sans.edu/diary/TeamPCP%20Supply%20Chain%20Campaign%3A%20Activity%20Through%202026-05-17/32994https://slsa.dev/spec/v0.1/levels Github Action Compromisehttps://www.stepsecurity.io/blog/actions-cool-issues-helper-github-action-compromised-all-tags-point-to-imposter-commit-that-exfiltrates-ci-cd-credentials How Storm-2949 turned a compromised identity into a cloud-wide breachhttps://www.microsoft.com/en-us/security/blog/2026/05/18/storm-2949-turned-compromised-identity-into-cloud-wide-breach/
NOW PLAYING
SANS Stormcast Wednesday, May 20th, 2026: Assume Supply Chain Compromise; GitHub Action Compromise;
No transcript for this episode yet
Similar Episodes
Mar 26, 2026 ·1m
Jan 2, 2026 ·47m
Dec 21, 2025 ·46m