InfoWorld12d
Thousands of open source projects at risk from hack of GitHub Actions tool
Researchers say compromised tool in the GitHub CI/CD environment stole credentials; infosec leaders need to act immediately.
CPO Magazine11d
Compromise of Popular Tool Leads to Supply Chain Attack on Over 23,000 GitHub Repositories
A compromise of the popular GitHub Actions tool turned into a massive supply chain attack, at this point thought to be ...
The Hacker News13d
GitHub Action Compromise Puts CI/CD Secrets at Risk in Over 23,000 Repositories
GitHub Action tj-actions/changed-files was compromised, leaking CI/CD secrets. Users must update immediately to prevent ...