News

Hackers steal 3,325 secrets in GhostAction GitHub supply chain attack

A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, ...

GitHub supply chain attack sees thousands of tokens and secrets stolen in GhostAction campaign

Thousands of secrets such as PyPI and AWS keys, GitHub tokens, and more, were stolen recently during a supply-chain attack ...

Salesloft says Drift customer data thefts linked to March GitHub account hack

The breach, now known to have begun in March, raises questions about why it took six months for Salesloft to detect the ...
CSO Online1d

Smart GPUGate malware exploits GitHub and Google Ads for evasive targeting

The malware tricks IT personnel into downloading malicious GitHub Desktop installers with GPU-gated decryption targeting ...
IT News For Australia Business3y

Stolen Heroku and Travis-CI OAuth tokens used for GitHub repo hacks

An attacker who used stolen OAuth open standard authentication tokens from Heroku and Travis-CI was able to download private repositories and source code ahead of the Easter holidays. Open source ...