tag-security icon indicating copy to clipboard operation
tag-security copied to clipboard
verified publisher icon cncf

Update CNCF Catalog for 2025

Open sivanahamer opened this issue 1 month ago • 1 comments

Hi!

I was wondering if there are any plans to add to the CNCF catalog of compromise attacks from 2025. Particularly, attacks like:

  • npm Qix phishing attack
  • Shai Hulud
  • nullifAI in Hugging Face

I would not mind helping out! Also, thanks for maintaining this valuable resource :)

sivanahamer avatar Nov 11 '25 20:11 sivanahamer

Absolutely! Please send a PR. :D

On Tue, Nov 11, 2025 at 3:57 PM Sivana Hamer @.***> wrote:

sivanahamer created an issue (cncf/tag-security#1501) https://github.com/cncf/tag-security/issues/1501

Hi!

I was wondering if there are any plans to add to the CNCF catalog of compromise attacks from 2025. Particularly, attacks like:

  • npm Qix phishing attack
  • Shai Hulud
  • nullifAI in Hugging Face

I would not mind helping out! Also, thanks for maintaining this valuable resource :)

— Reply to this email directly, view it on GitHub https://github.com/cncf/tag-security/issues/1501, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAGROD44PZ6BOSXUI2VVBAL34JEUDAVCNFSM6AAAAACLZ7W65OVHI2DSMVQWIX3LMV43ASLTON2WKOZTGYYTGOBYGM2DSOI . You are receiving this because you are subscribed to this thread.Message ID: @.***>

JustinCappos avatar Nov 12 '25 01:11 JustinCappos