· security
GitHub Actions Cache Poisoning is eating open source
Angular. tj-actions. Cline. TanStack. The same class of attack has been quietly hijacking publish pipelines for two years. Here's what it is, how it works, and what you need to do today.