Hackerbot-Claw Grows, Xygeni Tag Poisoning, GitHub Search HA, Windows SID Failures, and AI Skills Supply Chain

Hackerbot-Claw Grows, Xygeni Tag Poisoning, GitHub Search HA, Windows SID Failures, and AI Skills Supply Chain

Author: Teller's Tech - DevOps, SRE and Cloud Podcast March 27, 2026 Duration: 15:25
Ship It Weekly - DevOps, SRE, Platform and Cloud Engineering News
NewsTechnology

This episode of Ship It Weekly is about the places where convenience quietly turns into trust.

Brian revisits the Trivy story by zooming out to the bigger hackerbot-claw GitHub Actions campaign, then gets into the Xygeni tag-poisoning compromise, GitHub’s search high availability rebuild for GitHub Enterprise Server, Windows Server 2025 surfacing duplicate SID problems in cloned images, and the agent-skills ecosystem replaying package supply chain history. Plus: a quick lightning round on GitHub pausing self-hosted runner minimum-version enforcement and March secret scanning updates.

Links

OpenSSF advisory on active GitHub Actions exploitation https://seclists.org/oss-sec/2026/q1/246

Xygeni action compromise via tag poisoning https://www.stepsecurity.io/blog/xygeni-action-compromised-c2-reverse-shell-backdoor-injected-via-tag-poisoning

GitHub Enterprise Server search high availability rebuild https://github.blog/engineering/architecture-optimization/how-we-rebuilt-the-search-architecture-for-high-availability-in-github-enterprise-server/

Microsoft on duplicate SIDs and nongeneralized Windows Server 2025 images https://learn.microsoft.com/en-us/troubleshoot/exchange/administration/exchange-server-issues-on-incorrect-windows-server-image

Socket on supply chain security for skills.sh https://socket.dev/blog/socket-brings-supply-chain-security-to-skills

Snyk ToxicSkills research https://snyk.io/blog/toxicskills-malicious-ai-agent-skills-clawhub/

GitHub self-hosted runner minimum version enforcement paused https://github.blog/changelog/2026-03-13-self-hosted-runner-minimum-version-enforcement-paused/

GitHub secret scanning pattern updates, March 2026 https://github.blog/changelog/2026-03-10-secret-scanning-pattern-updates-march-2026/

More episodes and show notes at https://shipitweekly.fm

On Call Briefs at https://oncallbrief.com


For anyone building or running modern systems, the sheer volume of news, tools, and incident reports can be overwhelming. Ship It Weekly cuts through that noise. This isn't a surface-level scan of headlines. Host Brian Teller digs into the latest significant outages, major software releases, and insightful post-mortems, focusing squarely on the practical implications for DevOps, SRE, and platform engineering work. Each episode of the podcast breaks down a couple of key stories, providing the crucial context often missing from tech news. You'll hear analysis that translates events into actionable insights, answering the "so what?" for your own infrastructure and processes. The show also includes a quick rundown of tools or updates actually worth your attention, saving you hours of browsing. The tone is direct and informed, favoring depth over breadth. It’s designed for engineers and technical leaders who need a concise, reliable filter for the week's most relevant developments. Listen to this podcast for a focused recap that prioritizes what actually matters, delivered without fluff. You get the news, plus the necessary interpretation to understand how it might affect your systems, your team, and your on-call rotation. It's a weekly briefing that respects your time while aiming to make you more effective.
Author: Language: English Episodes: 37

Official website RSS
youtuberedditlinkedinspotifydeezer
Ship It Weekly - DevOps, SRE, Platform and Cloud Engineering News
Podcast Episodes

1234»