News
A supply chain attack involving malicious GitHub Action workflows has impacted hundreds of repositories and thousands of ...
Attackers abused GitHub Actions workflows to siphon off thousands of credentials from hundreds of npm and PyPI repositories.
Arabian Post on MSN5h
Cyber-Attack Campaign GhostAction Targets GitHub Workflows
This breach exposed a critical weakness in the current CI/CD security model: the assumption that automated workflows are inherently benign. The GhostAction supply chain campaign underscores how ...
Investigations into the Nx "s1ngularity" NPM supply chain attack have unveiled a massive fallout, with thousands of account ...
Google-owned Mandiant, which began an investigation into the incident, said the threat actor, tracked as UNC6395, accessed ...
On September 5, 2025, GitGuardian discovered GhostAction, a massive supply chain attack affecting 327 GitHub users across 817 ...
Hundreds of GitHub users and repositories have been hit by another supply chain attack, in which threat actors have already ...
Threat actors had access to Salesloft’s GitHub account between March and June 2025 and performed reconnaissance.
Discover how GitHub's SpecKit transforms AI coding with spec-driven development, offering reliability, efficiency, and seamless workflows.
If you need to work with GitHub, but don't have time to get up to speed with the git command line, Jack Wallen believes the GitHub Desktop app is the perfect tool for the job.
Results that may be inaccessible to you are currently showing.
Hide inaccessible results
Feedback