#ghostaction — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #ghostaction, aggregated by home.social.
-
⚠️ PyPI revokes all tokens stolen in the GhostAction supply chain attack
Malicious GitHub Actions exfiltrated tokens
- No PyPI packages compromised
- Developers advised to use short-lived Trusted Publisher tokens💬 How do you safeguard DevOps pipelines against supply chain threats?
Follow @technadu for updates.
#CyberSecurity #SupplyChainAttack #PyPI #Python #DevSecOps #GhostAction #OpenSourceSecurity #TokenSecurity #GitHubActions
-
GitHub Workflows Attack Affects Hundreds of Repos, Thousands of Secrets https://www.securityweek.com/github-workflows-attack-affects-hundreds-of-repos-thousands-of-secrets/ #ApplicationSecurity #SupplyChainSecurity #secretssprawl #GhostAction #GitHub
-
GitHub Workflows Attack Affects Hundreds of Repos, Thousands of Secrets https://www.securityweek.com/github-workflows-attack-affects-hundreds-of-repos-thousands-of-secrets/ #ApplicationSecurity #SupplyChainSecurity #secretssprawl #GhostAction #GitHub
-
GhostAction Attack Steals 3,325 Secrets from GitHub Projects – Source:hackread.com https://ciso2ciso.com/ghostaction-attack-steals-3325-secrets-from-github-projects-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #cybersecurity #CyberAttack #GhostAction #GitGuardian #SupplyChain #DockerHub #FastUUID #Hackread #security #GitHub #Python #CI/CD #PyPI
-
GhostAction Attack Steals 3,325 Secrets from GitHub Projects https://hackread.com/ghostaction-attack-steals-github-projects-secrets/ #Cybersecurity #CyberAttack #GhostAction #GitGuardian #SupplyChain #DockerHub #Security #FastUUID #GitHub #Python #CI/CD #PyPI
-
#GhostAction attack hit 817 GitHub repos, stealing 3,325 secrets including npm, PyPI, and DockerHub tokens.
Read: https://hackread.com/ghostaction-attack-steals-github-projects-secrets/
#CyberSecurity #GitHub #SupplyChain #PyPI #DockerHub #InfoSec