cache-poisoning
Safeguard articles tagged "cache-poisoning" — guides, analysis, and best practices for software supply chain and application security.
7 articles
DNS attack techniques and defenses
Cache poisoning, tunneling, and NXDOMAIN floods all abuse the same trust: DNS was built to be fast and open, not authenticated.
The Ultralytics AI pwn request supply chain attack
How a malicious pull request, a poisoned GitHub Actions cache, and a stored PyPI token turned the Ultralytics YOLO package into a cryptominer.
TanStack's Build Pipeline Got Hijacked and Still Signed Valid SLSA Provenance (May 2026)
On May 11, 2026, attackers chained a pull_request_target abuse, cache poisoning, and OIDC token theft to publish 84 malicious @tanstack npm versions from TanStack's own trusted pipeline. It is the first npm compromise to carry valid SLSA provenance.
DNS Cache Poisoning for Software Updates: 2025
DNS cache poisoning is a known attack class with a new application: hijacking software update checks to ship malicious binaries that pass every signature check.
GitHub Actions Cache Poisoning Attack Class 2025
GitHub Actions caches were never designed as a trust boundary. In 2025 researchers turned that mismatch into a repeatable supply-chain attack pattern.
Cache Poisoning Attacks: How They Work and How to Prevent Them
Cache poisoning attacks manipulate web caches to serve malicious content to other users. This guide covers web cache poisoning, DNS cache poisoning, and practical defenses for modern applications.
CDN Poisoning Attacks: How Cached Content Becomes a Weapon
CDN cache poisoning turns your performance infrastructure into an attack vector. When the cache serves malicious content to every user, the blast radius is massive and immediate.