http://blog.fard.pt/tags/security/ Recent content in Security on MazaFard http://blog.fard.pt/images/papermod-cover.png http://blog.fard.pt/images/papermod-cover.png Hugo en Wed, 29 Apr 2026 00:00:00 +0000 http://blog.fard.pt/posts/github-supply-chain-attack/ Wed, 29 Apr 2026 00:00:00 +0000 http://blog.fard.pt/posts/github-supply-chain-attack/ <p>During a routine code review of a colleague&rsquo;s GitHub repository, I identified an anomalous, highly obfuscated block of code embedded within a standard Python file. The use of randomized variable names and dense encoding strongly indicated malicious intent. Upon further investigation, this isolated finding revealed a sophisticated, large-scale supply chain attack currently affecting hundreds of repositories across GitHub.</p> <p>This article details the discovery, the reverse-engineering process, and actionable mitigation strategies to secure your development pipelines.</p>