InfoWorld

Thousands of open source projects at risk from hack of GitHub Actions tool

App development teams who use a popular utility in the GitHub Actions continuous integration and continuous delivery/deployment (CI/CD) platform need to scrub their code because the tool was ...
CSOonline

GitHub secrets: Deleted files still pose risks

Deleted files within public GitHub repositories could still be exposing secrets like API keys, tokens, and credentials, if threat actors knew where and how to look. Cybersecurity researcher Sharon ...
Bleeping Computer

Hackers steal 15,000 cloud credentials from exposed Git config files

A large-scale malicious operation named "EmeraldWhale" scanned for exposed Git configuration files to steal over 15,000 cloud account credentials from thousands of private repositories. According to ...