The Sysdig Threat Research Team (TRT) has discovered CVE-2025-32955, a now-patched vulnerability in Harden-Runner, one of the most popular GitHub Action CI/CD security tools. Exploiting this vulnerability allows an attacker to bypass Harden-Runner’s disable-sudo security mechanism, effectively evading detection within the continuous integration/continuous delivery (CI/CD) pipeline under certain conditions. To mitigate this risk, users are strongly advised to update to the latest version.

The CVE has been assigned a CVSS v3.1 base score of 6.0.

The Sysdig Threat Research Team recently discovered a sophisticated cloud operation in a customer environment, dubbed SCARLETEEL.

The hacker group Killnet claimed the attacks against Italy. How it's possible to detect the activities of the Mirai botnet used through Falco