GitHub Action supply chain attack exposed secrets in 218 repos
The compromise of GitHub Action tj-actions/changed-files has impacted only a small percentage of the 23,000 projects using it ...
InfoWorld13d
GitHub suffers a cascading supply chain attack compromising CI/CD secrets
CISA confirms cascading attack from reviewdog to tj-actions exposed sensitive credentials across 23,000+ repositories.
CSO Online15d
GitHub accounts targeted with fake security alerts
In a new phishing campaign, GitHub developers are being targeted with fake “Security Alerts” where they are prompted to ...
CoinTelegraph1mon
Hackers are making fake GitHub projects to steal crypto: Kaspersky
Hackers are creating hundreds of fake GitHub projects aiming to dupe users into downloading crypto and credential-stealing malware, says cybersecurity firm Kaspersky. Kaspersky analyst Georgy ...