News

Max severity Argo CD API flaw leaks repository credentials

An Argo CD vulnerability allows API tokens with even low project-level get permissions to access API endpoints and retrieve ...
Security Boulevard4h

The GhostAction Campaign: 3,325 Secrets Stolen Through Compromised GitHub Workflows

On September 5, 2025, GitGuardian discovered GhostAction, a massive supply chain attack affecting 327 GitHub users across 817 ...
ZDNet6y

Over 100,000 GitHub repos have leaked API or cryptographic keys

A scan of billions of files from 13 percent of all GitHub public repositories over a period of six months has revealed that over 100,000 repos have leaked API tokens and cryptographic keys, with ...
Bleeping Computer2y

GitHub now can auto-block token and API key leaks for all repos

GitHub is now automatically blocking the leak of sensitive information like API keys and access tokens for all public code repositories.
TechRadar2y

GitHub brings free secret scanning to all public repositories

GitHub has announced it will be bringing its secret scanning capability to more users in a bid to help public repository admins detect leaked secrets in their repositories before a breach happens.
TMCnet16d

Runloop Introduces Repository Connect: Instant AI Agent Setup Eliminates Hours of Manual Configuration

Runloop, the only enterprise-grade infrastructure platform that enables the development, evaluation and scalable deployment of AI coding agents, today announced the launch of Repository Connect. This ...
ZDNet6y

Code execution bug in malicious repositories resolved by Git ... - ZDNET

"As with previously discovered vulnerabilities, GitHub.com will detect malicious repositories, and will reject pushes or API requests attempting to create them," The Git Project says.