Developers treat GitHub Gists as a "paste everything" service, accidentally exposing secrets like API keys and tokens. BYOS ...
Build artifacts generated by GitHub Actions often contain access tokens that can be abused by attackers to push malicious code into projects or compromise cloud infrastructure. An analysis of build ...
A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
Multiple high-profile open-source projects, including those from Google, Microsoft, AWS, and Red Hat, were found to leak GitHub authentication tokens through GitHub Actions artifacts in CI/CD ...
A sophisticated cascading supply chain attack has compromised multiple GitHub Actions, exposing critical CI/CD secrets across tens of thousands of repositories. The ...
GhostAction attack stole 3,325 secrets from 327 GitHub accounts GitGuardian helped shut it down and alerted affected projects A separate NPM attack hit 2,000 accounts but was unrelated Thousands of ...
Salesloft says attackers first breached its GitHub account in March, leading to the theft of Drift OAuth tokens later used in widespread Salesforce data theft attacks in August. Salesloft is a widely ...
With secure OAuth support and real-time repo access, the tool is designed to modernize AI assistant integration in enterprise workflows. GitHub has unveiled its Remote MCP server in public preview, ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback