Leitwacht blog

Leitwacht blog https://leitwacht.eu/blog Notes on CI runner security, eBPF, and EU sovereignty. en One dropper, 140+ packages: the Mastra npm compromise and the egress block that ends it https://leitwacht.eu/blog/blocking-the-mastra-compromise https://leitwacht.eu/blog/blocking-the-mastra-compromise The @mastra npm organization was compromised: 140+ packages were republished with a single malicious dependency, easy-day-js@1.11.22, whose postinstall hook fetches a second stage from a hardcoded C2. You never installed the malicious package directly; you pulled it transitively through a package you trust. We detonated it and captured the exact C2 reach. Default-deny egress on the CI runner drops that connection before the second stage can download, regardless of how the code arrived or what it harvested. Fri, 19 Jun 2026 00:00:00 GMT Thomas, Leitwacht Closing the attach race without NRI https://leitwacht.eu/blog/closing-the-attach-race https://leitwacht.eu/blog/closing-the-attach-race A zero-capability init container as a synchronization barrier, plus an agent subscribed to containerd's events socket. Race-free egress enforcement without an NRI plugin's blast radius. Mon, 08 Jun 2026 00:00:00 GMT Thomas, Leitwacht Valid provenance, malicious package: anatomy of the Red Hat npm compromise https://leitwacht.eu/blog/valid-provenance-malicious-package https://leitwacht.eu/blog/valid-provenance-malicious-package Attackers re-published 31 packages across the @redhat-cloud-services npm scope at least four times in one afternoon, every version carrying valid, signed SLSA provenance. How they mint genuine provenance for malware, what the payload does (captured first-hand), and why behavioral detection catches each re-arm in seconds. Mon, 01 Jun 2026 00:00:00 GMT Thomas, Leitwacht Mini Shai-Hulud, blocked: a live capture against the real payload https://leitwacht.eu/blog/mini-shai-hulud-blocked-at-the-kernel https://leitwacht.eu/blog/mini-shai-hulud-blocked-at-the-kernel The Mini Shai-Hulud npm wave on 19 May 2026 published 637 malicious versions across 317 packages. We obtained the real payload (size-sensor@1.2.4, a roughly half-megabyte obfuscated Bun script) and ran it inside a Leitwacht-enforced container. Every exfil destination, primary (t[.]m-kosche[.]com, OTel-disguised) and fallback (api.github.com, PAT-authenticated dead-drop), was caught at the kernel before a byte left the runner. Tue, 19 May 2026 00:00:00 GMT Thomas, Leitwacht why-ci-runners-are-the-soft-target https://leitwacht.eu/blog/why-ci-runners-are-the-soft-target https://leitwacht.eu/blog/why-ci-runners-are-the-soft-target Thu, 01 Jan 1970 00:00:00 GMT Leitwacht