The compromise of GitHub Action tj-actions/changed-files has impacted only a small percentage of the 23,000 projects using it, with it estimated that only 218 repositories exposed secrets due to the ...
Wiz has found threat actors exploiting GitHub tokens, giving them access to GitHub Action Secrets and, ultimately, cloud ...
The GitHub Action is a very popular automation tool designed for GitHub Actions workflows. It allows developers to identify files changed in a pull request or commit and take actions based on those ...
A sophisticated cascading supply chain attack has compromised multiple GitHub Actions, exposing critical CI/CD secrets across tens of thousands of repositories. The ...
Open source software used by more than 23,000 organizations, some of them in large enterprises, was compromised with credential-stealing code after attackers gained unauthorized access to a maintainer ...
Infrastructure-as-code provider Pulumi Corp. today announced four product enhancements that are designed to improve security, streamline automation and provide greater control over cloud resources.
At this week's Black Hat Europe conference, two researchers urged developers to adopt a shared responsibility model for open ...
GitGuardian has disclosed a new software supply chain attack campaign, dubbed GhostAction, that exfiltrated thousands of sensitive credentials before being detected and contained on September 5. The ...
Developers accidentally leaked 12.8 million secrets on public GitHub repositories in 2023, a 28% increase on the previous year, according to a new report from GitGuardian. The security vendor claimed ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback