CSOonline

GitHub Action Secrets aren’t secret anymore: exposed PATs now a direct path into cloud environments

Many enterprises use GitHub Action Secrets to store and protect sensitive information such as credentials, API keys, and tokens used in CI/CD workflows. These private repositories are widely assumed ...
Ars Technica

Large enterprises scramble after supply-chain attack spills their secrets

Open source software used by more than 23,000 organizations, some of them in large enterprises, was compromised with credential-stealing code after attackers gained unauthorized access to a maintainer ...
InfoWorld

GitHub suffers a cascading supply chain attack compromising CI/CD secrets

A sophisticated cascading supply chain attack has compromised multiple GitHub Actions, exposing critical CI/CD secrets across tens of thousands of repositories. The ...
Infosecurity-magazine.com

Tj-actions Supply Chain Attack Traced Back to Single GitHub Token Compromise

A recent supply chain attack that compromised the popular tj-actions/changed-files GitHub action has left a trail of digital destruction, affecting 218 GitHub repositories. As investigators dig deeper ...
Bleeping Computer

GitHub expands security tools after 39 million secrets leaked in 2024

GitHub announced updates to its Advanced Security platform after it detected over 39 million leaked secrets in repositories during 2024, including API keys and credentials, exposing users and ...
The Hacker News

AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks

A misconfigured AWS CodeBuild webhook allowed bypass of actor ID checks, risking takeover of four AWS GitHub repositories ...
Bleeping Computer

GitHub Action hack likely led to another in cascading supply chain attack

Last week, a supply chain attack on the tj-actions/changed-files GitHub Action caused malicious code to write CI/CD secrets to the workflow logs for 23,000 repositories. If those logs had been public, ...
Dark Reading

Supply Chain Attacks Targeting GitHub Actions Increased in 2025

Some of the most significant software supply chain incidents over the past year were carried out by threat actors who exploited vulnerabilities in GitHub, the global repository widely used by software ...
CSOonline

GitHub Actions attack renders even security-aware orgs vulnerable

Many open-source repositories contain privileged GitHub Actions workflows that execute untrusted code and can be triggered by attackers to expose credentials and access tokens, as MITRE and Splunk ...
Dark Reading

Supply Chain Attacks Spotted in GitHub Actions, Gravity Forms, npm

Researchers discovered malicious activity impacting GitHub and popular WordPress and npm tools that could pose significant supply chain risks. In a new report, Armis Labs highlighted three recently ...
SiliconANGLE

Pulumi enhances cloud security with automated secrets rotation and new GitHub integration

Infrastructure-as-code provider Pulumi Corp. today announced four product enhancements that are designed to improve security, streamline automation and provide greater control over cloud resources.