More details have come to light on the recent supply chain attack targeting GitHub Actions, including its root cause.
Security researchers spot new phishing campaign targeting GitHub users A fake "security alert" GitHub account was notifying users of suspicious logins The links in the notification all point to a ...
The compromise of GitHub Action tj-actions/changed-files has impacted only a small percentage of the 23,000 projects using it ...
The GitHub Action supply chain compromise that threatened the security of more than 23,000 repositories appears to be linked ...
A cascading supply chain attack that began with the compromise of the "reviewdog/action-setup@v1" GitHub Action is believed ...
In a new phishing campaign, GitHub developers are being targeted with fake “Security Alerts” where they are prompted to ...
CISA confirms cascading attack from reviewdog to tj-actions exposed sensitive credentials across 23,000+ repositories.
A popular tool for automated software updates was compromised via GitHub A piece of malicious code was added, exposing user ...
Researchers say compromised tool in the GitHub CI/CD environment stole credentials; infosec leaders need to act immediately.
Security researchers have reported attempted attacks on around 12,000 Github repositories. Attackers want to gain full ...
StepSecurity disclosed a compromise of the popular GitHub Action tj-actions/changed-files, which works to detect file changes ...
The tj-actions/changed-files GitHub Action, which is used in 23,000 repositories, has been targeted in a supply chain attack.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback