资讯

Hackers steal 3,325 secrets in GhostAction GitHub supply chain attack

A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, ...

GitHub supply chain attack sees thousands of tokens and secrets stolen in GhostAction campaign

Thousands of secrets such as PyPI and AWS keys, GitHub tokens, and more, were stolen recently during a supply-chain attack ...
SecurityWeek3 天

GitHub Workflows Attack Affects Hundreds of Repos, Thousands of Secrets

A supply chain attack involving malicious GitHub Action workflows has impacted hundreds of repositories and thousands of ...
Bleeping Computer1 年

GitHub Actions artifacts found leaking auth tokens in popular projects

Multiple high-profile open-source projects, including those from Google, Microsoft, AWS, and Red Hat, were found to leak GitHub authentication tokens through GitHub Actions artifacts in CI/CD ...
Security Boulevard5 天

The GhostAction Campaign: 3,325 Secrets Stolen Through Compromised GitHub Workflows

On September 5, 2025, GitGuardian discovered GhostAction, a massive supply chain attack affecting 327 GitHub users across 817 ...
GIGAZINE8月

'Map of GitHub' maps over 400,000 GitHub projects to clearly show the relationships between ...

When you access the 'Map of GitHub,' you will see the following screen. According to Kashcha, the names of countries on the map, such as 'PlusPlus Nation,' 'Pythonia,' and 'PowerShell Land,' are ...
TechRadar7月

DeepSeek R1 is now available on Nvidia, AWS, and Github as available models on Hugging Face ...

Having taken the AI world by storm in recent weeks, DeepSeek has now made significant strides in expanding the accessibility of its advanced reasoning models. The company has announced its flagship ...