News
A supply chain attack involving malicious GitHub Action workflows has impacted hundreds of repositories and thousands of ...
Developers affected by the deprecation of password authentication will need to switch to authentication using personal access tokens through HTTPS or SSH when working with Git, or enable GitHub ...
1don MSN
GitHub supply chain attack sees thousands of tokens and secrets stolen in GhostAction campaign
Thousands of secrets such as PyPI and AWS keys, GitHub tokens, and more, were stolen recently during a supply-chain attack ...
GitHub shared the timeline of breaches in April 2022, this timeline encompasses the information related to when a threat actor gained access and stole private repositories belonging to dozens of ...
GitHub has added support for securing SSH Git operations using FIDO2 security keys for added protection from account takeover attempts. Researchers at North Carolina State University (NCSU) found [PDF ...
Multiple high-profile open-source projects, including those from Google, Microsoft, AWS, and Red Hat, were found to leak GitHub authentication tokens through GitHub Actions artifacts in CI/CD ...
GitHub has taken another step toward ditching passwords by requiring token-based authentication for its command line interface, third-party desktop apps, and other external services that directly ...
Build artifacts generated by GitHub Actions often contain access tokens that can be abused by attackers to push malicious code into projects or compromise cloud infrastructure. An analysis of build ...
Developers from hundreds of companies have included access tokens for their Slack accounts in public projects on GitHub, putting their teams’ internal chats and other data at risk. Slack has become ...
Results that may be inaccessible to you are currently showing.
Hide inaccessible results
Feedback