InfoWorld11d
GitHub suffers a cascading supply chain attack compromising CI/CD secrets
CISA confirms cascading attack from reviewdog to tj-actions exposed sensitive credentials across 23,000+ repositories.
GitHub Action supply chain attack exposed secrets in 218 repos
The compromise of GitHub Action tj-actions/changed-files has impacted only a small percentage of the 23,000 projects using it ...
InfoWorld12d
Thousands of open source projects at risk from hack of GitHub Actions tool
Researchers say compromised tool in the GitHub CI/CD environment stole credentials; infosec leaders need to act immediately.
CSO Online13d
GitHub accounts targeted with fake security alerts
In a new phishing campaign, GitHub developers are being targeted with fake “Security Alerts” where they are prompted to ...