Bleeping Computer

GitHub Actions artifacts found leaking auth tokens in popular projects

Multiple high-profile open-source projects, including those from Google, Microsoft, AWS, and Red Hat, were found to leak GitHub authentication tokens through GitHub Actions artifacts in CI/CD ...
Infosecurity-magazine.com

Tj-actions Supply Chain Attack Traced Back to Single GitHub Token Compromise

A recent supply chain attack that compromised the popular tj-actions/changed-files GitHub action has left a trail of digital destruction, affecting 218 GitHub repositories. As investigators dig deeper ...
CoinTelegraph

Huge ‘screw-up’ — Pump Science apologizes after flood of fraud tokens

Pump Science partially blamed Solana-based software firm BuilderZ for leaving the private key to the dev wallet address on GitHub for the public to see. Update (Nov. 28, 9:48 pm UTC): This article has ...
techtimes

Mintlify Reveals Customer GitHub Tokens Compromised by Data Breach

A recent data breach has rocked Mintlify, a documentation startup, as it discloses that numerous customers' GitHub tokens were compromised. This breach, revealed last week, has sparked concerns within ...