Home / Critical Brief / Category archive
Lemma Critical Brief · Category archive

Code Provenance

Supply-chain attacks, commit forgery, intrusion via CI/CD.

4 Briefs
No. 010 · 2026-05-31

Claude Code Source-Leak Lures

Weaponizing Trust Signals and GitHub Releases as a Provenance-Spoofed Delivery Channel

Pillar 01 Verifiable Origin Code Provenance Identity & Auth Brief →
No. 014 · 2026-05-31

The TanStack npm Compromise

Malicious Packages Signed Under a Legitimate OIDC Trusted Publisher, Where a Valid Provenance Signature Did Not Mean a Trustworthy Artifact

Pillar 01 Verifiable Origin Code Provenance Identity & Auth Brief →
No. 015 · 2026-05-31

The GitHub Internal Repository Breach

A Poisoned VS Code Extension, Live for 18 Minutes, Exploited the Developer Trust Surface

Pillar 01 Verifiable Origin Code Provenance Identity & Auth Brief →
No. 004 · 2026-05-30

Megalodon GitHub Supply Chain

CI/CD Credential-Theft Campaign That Poisoned 5,561 Repositories in 6 Hours

Pillar 01 Verifiable Origin Code Provenance Identity & Auth Brief →