News
GitHub Actions has been abused by attackers to mine cryptocurrency using GitHub's servers, automatically.The particular attack adds malicious GitHub Actions code to repositories forked from ...
Last week, a supply chain attack on the tj-actions/changed-files GitHub Action caused malicious code to write CI/CD secrets to the workflow logs for 23,000 repositories.
Researchers say compromised tool in the GitHub CI/CD environment stole credentials; infosec leaders need to act immediately.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback