Nuacht

Hackers steal 3,325 secrets in GhostAction GitHub supply chain attack

A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, ...

GitHub supply chain attack sees thousands of tokens and secrets stolen in GhostAction campaign

Thousands of secrets such as PyPI and AWS keys, GitHub tokens, and more, were stolen recently during a supply-chain attack ...
Dark Reading1y

GitHub Attack Vector Cracks Open Google, Microsoft, AWS Projects

Researchers have uncovered an attack vector that affected GitHub open source projects owned by Google, Microsoft, Amazon Web Services, and others, executed by abusing artifacts generated as part of ...
Security Boulevard8 lá

The GhostAction Campaign: 3,325 Secrets Stolen Through Compromised GitHub Workflows

On September 5, 2025, GitGuardian discovered GhostAction, a massive supply chain attack affecting 327 GitHub users across 817 ...
Arabian Post on MSN6 lá

Cyber-Attack Campaign GhostAction Targets GitHub Workflows

This breach exposed a critical weakness in the current CI/CD security model: the assumption that automated workflows are inherently benign. The GhostAction supply chain campaign underscores how ...
InfoQ2y

AWS Shifts Strategy: Public GitHub Documentation to Be Retired

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
GIGAZINELíon na míonna: 9

'Map of GitHub' maps over 400,000 GitHub projects to clearly show the relationships between projects

When you access the 'Map of GitHub,' you will see the following screen. According to Kashcha, the names of countries on the map, such as 'PlusPlus Nation,' 'Pythonia,' and 'PowerShell Land,' are ...