News

AI-powered malware hit 2,180 GitHub accounts in “s1ngularity” attack

Investigations into the Nx "s1ngularity" NPM supply chain attack have unveiled a massive fallout, with thousands of account ...
Bleeping Computer1y

GitHub Actions artifacts found leaking auth tokens in popular projects

Multiple high-profile open-source projects, including those from Google, Microsoft, AWS, and Red Hat, were found to leak GitHub authentication tokens through GitHub Actions artifacts in CI/CD ...
GIGAZINE1y

GitHub tokens leaked from prominent open source projects from Google ...

It has been discovered that GitHub authentication tokens have been leaked from several well-known open source projects on GitHub, including those from Google, Microsoft, Amazon Web Services (AWS ...
TechRadar1y

Many top-level open source projects found leaking GitHub auth tokens

Many top-level open source projects have been found leaking GitHub auth tokens, putting entire projects at risk of data theft and malicious code tampering.
CSOonline3y

GitHub repositories compromised by stolen OAuth tokens

Salesforce said that, once notified by GitHub last Wednesday, it disabled the compromised OAuth tokens and the account that they came from.