by detente18
88 days ago
Update 2 (03/25/2026):

- We will be holding a townhall on Friday to review the incident and share next steps (https://lnkd.in/gsbTdCe7)
- We can confirm a bad version of Trivy security scanner ran in our CI/CD pipeline, which would have led to the supply chain attack
- We have paused new releases until we've completed securing our codebase and release pipeline to ensure safe releases for users
- We've added additional github/gitlab ci scripts for checking if you're impacted: https://lnkd.in/gGicMkby

We hope to share a full RCA in the coming days. Until then, if there's anything we can do to help your team - please let me know. You can email me (krrish@berri.ai), or join the discussion on github (https://lnkd.in/g9TuuQ2H).