News

Salesloft says Drift customer data thefts linked to March GitHub account hack

The breach, now known to have begun in March, raises questions about why it took six months for Salesloft to detect the ...

GitHub supply chain attack sees thousands of tokens and secrets stolen in GhostAction campaign

Thousands of secrets such as PyPI and AWS keys, GitHub tokens, and more, were stolen recently during a supply-chain attack ...

Hackers steal 3,325 secrets in GhostAction GitHub supply chain attack

A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, ...
CSO Online1d

Smart GPUGate malware exploits GitHub and Google Ads for evasive targeting

The malware tricks IT personnel into downloading malicious GitHub Desktop installers with GPU-gated decryption targeting ...
IT News For Australia Business3y

Stolen Heroku and Travis-CI OAuth tokens used for GitHub repo hacks

An attacker who used stolen OAuth open standard authentication tokens from Heroku and Travis-CI was able to download private repositories and source code ahead of the Easter holidays. Open source ...
The Verge3y

Wormhole cryptocurrency platform hacked for $325 million after error on GitHub

On Wednesday, the decentralized finance (DeFi) platform Wormhole became the victim of the largest cryptocurrency theft this year — and among the top five largest crypto hacks of all time — when an ...
Ars Technica13y

Hacker commandeers GitHub to prove Rails vulnerability

A Russian hacker dramatically demonstrated one of the most common security weaknesses in the Ruby on Rails web application language. By doing so, he took full control of the databases GitHub uses to ...