https://hackingpassion.com/tags/ci/cd-security/Recent content in CI/CD Security on HackingPassion.com : root@HackingPassion.com-[~]HugoenSat, 17 Jan 2026 00:00:00 +0000https://hackingpassion.com/aws-supply-chain-vulnerability/Sat, 17 Jan 2026 13:49:16 +0100https://hackingpassion.com/aws-supply-chain-vulnerability/<p>Netflix. Twitch. iCloud. The servers of the CIA and NSA. 30% of all cloud infrastructure worldwide runs on Amazon Web Services. Two missing characters in a regex filter nearly compromised all of it. 😬</p> <p>A <code>^</code> at the start and a <code>$</code> at the end. That&rsquo;s what was missing from a security filter, and that&rsquo;s all it would have taken for attackers to inject malicious code into the AWS JavaScript SDK.</p>