On September 5, 2025, GitGuardian discovered GhostAction, a massive supply chain attack affecting 327 GitHub users across 817 repositories. Attackers injected malicious workflows that exfiltrated ...
Shai-Hulud is the third major supply chain attack targeting the NPM ecosystem after the s1ngularity attack and the recent ...
GitHub is introducing a set of defenses against supply-chain attacks on the platform that led to multiple large-scale ...
An Argo CD vulnerability allows API tokens with even low project-level get permissions to access API endpoints and retrieve all repository credentials associated with the project. The flaw, tracked ...
Learn how Tongyi DeepResearch combines cutting-edge reasoning and open-source flexibility to transform advanced research workflows.
The crates, named faster_log and async_println, were published by the threat actor under the alias rustguruman and dumbnbased ...
The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel ...
The ShinyHunters extortionists behind data-grabbing August attacks on Salesloft Drift users claim to have stolen 1.5 billion ...
The leaked token, accidentally embedded by the company’s employee in a public repository, might have provided an attacker ...
It is possible that the attackers behind this attack are the same ones as last time. Their malicious code bears the name of a prominent science fiction monster.
Secure your secrets with GitGuardian's new one-click revocation. Instantly neutralize exposed secrets to close the attack ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback