News

Hackers steal 3,325 secrets in GhostAction GitHub supply chain attack

A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, ...

New Github Spec-Kit Boosts Claude Code Projects With Specification-Driven Planning

Discover how GitHub’s Spec-Kit and AI integration are improving software development with smarter, spec driven, streamlined workflows.
SecurityWeek1d

GitHub Workflows Attack Affects Hundreds of Repos, Thousands of Secrets

A supply chain attack involving malicious GitHub Action workflows has impacted hundreds of repositories and thousands of ...
The Hacker News1d

⚡ Weekly Recap: Drift Breach Chaos, Zero-Days Active, Patch Warnings, Smarter Threats & More

This week, one story stands out above the rest: the Salesloft–Drift breach, where attackers stole OAuth tokens and accessed ...

GitHub supply chain attack sees thousands of tokens and secrets stolen in GhostAction campaign

Thousands of secrets such as PyPI and AWS keys, GitHub tokens, and more, were stolen recently during a supply-chain attack ...
Cryptopolitan on MSN1d

HashKey Group rolls out $500M treasury fund to secure institutional crypto exposure

Hong Kong’s HashKey Group, the city’s largest licensed crypto exchange, has launched a $500 million digital asset treasury ...