Researchers say compromised tool in the GitHub CI/CD environment stole credentials; infosec leaders need to act immediately.
A popular tool for automated software updates was compromised via GitHub A piece of malicious code was added, exposing user ...
Generic secrets are hard to detect and are getting leaked more often. See how GitGuardian offers advanced protection where ...
A supply chain attack on the widely used 'tj-actions/changed-files' GitHub Action, used by 23,000 repositories, potentially ...
Attackers subverted a widely used tool for software development environment GitHub, potentially allowing them to steal ...
Successful execution of the Click-fix campaign, which has reportedly targeted over 12,000 GitHub repositories, can allow ...
A supply chain attack on a GitHub Actions tool has put up to 23,000 organisations at risk of having credentials stolen.
StepSecurity disclosed a compromise of the popular GitHub Action tj-actions/changed-files, which works to detect file changes ...
A phishing campaign on GitHub with fake security alerts has attempted to trick about 12,000 developers into installing a malicious OAuth app. This app ...
Security researchers are warning of a supply chain attack against tj-actions/changed-files GitHub Action, which is used in ...
GitHub Action tj-actions/changed-files was compromised, leaking CI/CD secrets. Users must update immediately to prevent ...
The tj-actions/changed-files GitHub Action, which is used in 23,000 repositories, has been targeted in a supply chain attack.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback