News
2don MSN
GitHub supply chain attack sees thousands of tokens and secrets stolen in GhostAction campaign
Thousands of secrets such as PyPI and AWS keys, GitHub tokens, and more, were stolen recently during a supply-chain attack ...
A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, ...
Investigations into the Nx "s1ngularity" NPM supply chain attack have unveiled a massive fallout, with thousands of account ...
Attackers abused GitHub Actions workflows to siphon off thousands of credentials from hundreds of npm and PyPI repositories.
A supply chain attack involving malicious GitHub Action workflows has impacted hundreds of repositories and thousands of ...
Hundreds of GitHub users and repositories have been hit by another supply chain attack, in which threat actors have already ...
Salesloft has revealed that threat actors targeted customer Salesforce data after breaching its GitHub account ...
On September 5, 2025, GitGuardian discovered GhostAction, a massive supply chain attack affecting 327 GitHub users across 817 ...
Threat actors had access to Salesloft’s GitHub account between March and June 2025 and performed reconnaissance.
At its Satellite conference in Berlin today, GitHub — the code hosting platform Microsoft acquired for $7.5 billion in stock last year — unveiled improvements it says are intended to make software ...
Results that may be inaccessible to you are currently showing.
Hide inaccessible results
Feedback