All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Security
Security
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

prt-scan: A 5-Phase GitHub Actions Credential Theft Campaign

A throwaway GitHub account submitted 219+ malicious pull requests in a single day, each carrying a 352-line payload that steals CI secrets, injects workflows, bypasses label gates, and scans /proc…

Read the full article
3mo ago

You might also wanna read

How GitHub eliminated 20,000+ secret scanning alerts across 15,000 repositories in nine months

GitHub had 20,000+ secret scanning alerts across 15,000 repositories. Here's how we separated signal from noise and built remediation workfl

github.blog·4d ago

The case for GitHub Actions security after recent supply chain attacks

GitHub Actions workflows are vulnerable to pwn requests, script injection, and compromised credentials. Here's what's going wrong and what's

Datadog·1mo ago

GitHub Actions workflows identified as common weak link in open source supply chain attacks

Anne Robinson would like a word with .github/workflows

Andrew Nesbitt·2mo ago

Megalodon Attack: Malicious GitHub Actions Workflows Compromise Over 5,500 Open-Source Repositories

A forged commit. A workflow file disguised as a routine CI optimization. Within 6 hours, 5,561 GitHub repositories were backdoored. Cloud cr

stepsecurity.io·1mo ago

Megalodon Attack: Malicious GitHub Actions Workflows Compromise Over 5,500 Open-Source Repositories

A forged commit. A workflow file disguised as a routine CI optimization. Within 6 hours, 5,561 GitHub repositories were backdoored. Cloud cr

Step Security·1mo ago

Trivy GitHub Actions Compromised in Supply Chain Attack, Exposing CI/CD Secrets

Attackers compromised Trivy GitHub Actions by force-updating tags to deliver malware, exposing CI/CD secrets across affected pipelines.

socket.dev·3mo ago

Red Hat npm supply chain attack compromises 32 packages with credential-stealing malware

Dozens of packages in the @redhat-cloud-services npm namespace were backdoored with credential-stealing malware aimed at Red Hat developers

briefly.co·1mo ago

Comments

Sign in to join the conversation.

No comments yet. Be the first.