DEF CON 32 — Grand Theft Actions: Abusing Self-Hosted GitHub Runners at Scale

Abstract | Slides (PDF) | Video

Black Hat USA 2024 — Self-Hosted GitHub Runners: Continuous Integration, Continuous Destruction

Abstract | Slides (PDF) | Video

External Blog Posts

Agent of Chaos: Hijacking NodeJS’s Jenkins Agents

CodeQLEAKED – Public Secrets Exposure Leads to Supply Chain Attack on GitHub CodeQL

TensorFlow Supply Chain Compromise via Self-Hosted Runner Attack

Compromising ByteDance’s Rspack using GitHub Actions Vulnerabilities