Shai-Hulud is the third major supply chain attack targeting the NPM ecosystem after the s1ngularity attack and the recent ...
A scan of billions of files from 13 percent of all GitHub public repositories over a period of six months has revealed that over 100,000 repos have leaked API tokens and cryptographic keys, with ...
The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel series — because it publishes any stolen credentials in a new public GitHub ...
An Argo CD vulnerability allows API tokens with even low project-level get permissions to access API endpoints and retrieve ...
Hackers used the secrets stolen in the recent Nx supply chain attack to publish over 6,700 private repositories publicly.
On September 5, 2025, GitGuardian discovered GhostAction, a massive supply chain attack affecting 327 GitHub users across 817 repositories. Attackers injected malicious workflows that exfiltrated ...
GitHub is now automatically blocking the leak of sensitive information like API keys and access tokens for all public code repositories. Today's announcement comes after the company introduced push ...
Learn how to automate development tasks, deploy apps, and manage code effortlessly with Claude Code and GitHub. Boost your ...
Keybase has launched a new service to encrypt git repositories for free. Keybase, the provider of the Keybase security app for mobile phones and PCs, offers an open-source system supported by ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback