A scan of billions of files from 13 percent of all GitHub public repositories over a period of six months has revealed that over 100,000 repos have leaked API tokens and cryptographic keys, with ...
The Shai-Hulud supply chain attack campaign, responsible for compromising hundreds of CrowdStrike’s NPM packages in September ...
Approximately 640 NPM packages have been infected with a new variant of the Shai-Hulud self-replicating worm in a fresh wave of attacks.
While the September 2025 Shai-Hulud attack focused primarily on credential harvesting and self-propagation, this new variant ...
GitHub is now automatically blocking the leak of sensitive information like API keys and access tokens for all public code repositories. Today's announcement comes after the company introduced push ...
Dropbox disclosed a security breach after threat actors stole 130 code repositories after gaining access to one of its GitHub accounts using employee credentials stolen in a phishing attack. The ...
GitHub allows anyone to access forks and repositories that have been deleted or set to private, and this behavior is by design and not a flaw, open source security firm Truffle Security said in a blog ...
An unknown threat actor is harvesting data from private code repositories, with the help of stolen OAuth user tokens issued to Heroku and Travic-CI. As reported by GitHub, by last Tuesday, the threat ...
Results that may be inaccessible to you are currently showing.
Hide inaccessible results
Feedback