Potential Threat: misconfigurations in GitHub Actions
A GReAT study has identified ~250,000 potential security issues in publicly accessible GitHub Actions.
8 articles
A GReAT study has identified ~250,000 potential security issues in publicly accessible GitHub Actions.
How to respond to a compromised GitHub changed-files Action incident.
We discovered over 200 repositories with fake projects on GitHub. Using them, attackers distribute stealers, clippers, and backdoors.
Banshee stealer, a macOS stealer that emerged last year, is now roaming free on the Web, infecting Mac users and gaining new capabilities. How to protect yourself?
Developers’ accounts are being hijacked using fake job offers sent from a legitimate GitHub address.
Can you catch malware by downloading files from Microsoft’s repositories on GitHub? Turns out, you can. Stay alert!
Hundreds of thousands of tokens and cryptographic keys have been discovered on GitHub. We explain why this is bad and how to avoid a leak.
Infosec digest: exploit kit Neutrino in Wordpress, yet another GitHub DDoS, Wyndham responsible for breach, while Target is not