mediumCloud Security
AI-Powered prt-scan Campaign Exploits GitHub Supply Chain via pull_request_target
Security researchers at Wiz have identified prt-scan, a new AI-powered supply chain attack campaign that exploited GitHub's pull_request_target workflow feature across multiple accounts. The campaign operated for three weeks before detection, highlighting the growing sophistication of automated attacks targeting CI/CD pipelines.
Wiz Blog
supply-chaingithub-actionsai-attack