资讯

SecurityWeek1 天

GitHub Workflows Attack Affects Hundreds of Repos, Thousands of Secrets

A supply chain attack involving malicious GitHub Action workflows has impacted hundreds of repositories and thousands of ...
Security Boulevard4 天

The GhostAction Campaign: 3,325 Secrets Stolen Through Compromised GitHub Workflows

On September 5, 2025, GitGuardian discovered GhostAction, a massive supply chain attack affecting 327 GitHub users across 817 ...
GitHub5 天

GitHub - zccrs/git-commit-helper

Contribute to zccrs/git-commit-helper development by creating an account on GitHub.
GitHub11 天

GitHub - stefanzweifel/git-auto-commit-action: Automatically commit and ...

The GitHub Action for committing files for the 80% use case. A GitHub Action to detect changed files during a Workflow run and to commit and push them back to the GitHub repository. By default, the ...
The Hacker News13 天

Malicious Nx Packages in 's1ngularity' Attack Leaked 2,349 GitHub, Cloud, and AI Credentials

Nx supply chain attack on Aug 26, 2025 leaked 2,349 secrets via npm packages, risking GitHub and cloud accounts.