News
2d on MSN
GitHub supply chain attack sees thousands of tokens and secrets stolen in GhostAction campaign
Thousands of secrets such as PyPI and AWS keys, GitHub tokens, and more, were stolen recently during a supply-chain attack ...
The breach, now known to have begun in March, raises questions about why it took six months for Salesloft to detect the ...
To prevent similar compromises in the future, pin GitHub Actions to commit hashes instead of version tags and use GitHub's allow-listing feature to restrict unauthorized actions. Those supply chain ...
A GitHub member was briefly suspended on Sunday after he exploited a vulnerability in the code repository's systems without first telling GitHub he was going to do so. Egor Homakov's hack caused ...
Investigations into the Nx "s1ngularity" NPM supply chain attack have unveiled a massive fallout, with thousands of account ...
The Register on MSN, 2d
Drift massive attack traced back to loose Salesloft GitHub account
Meanwhile the victim count grows. The Salesloft Drift breach that compromised "hundreds" of companies including Google, Palo ...
A Russian researcher was able to take five low severity OAuth bugs and string them together to create what he calls a “simple but high severity exploit” in GitHub. A Russian security researcher was ...
Gentoo GitHub hack: What happened? Late last month (June 28), the Gentoo GitHub repository was attacked after someone gained control of an admin account. All access to the repositories was soon ...