News

Hackers steal 3,325 secrets in GhostAction GitHub supply chain attack

A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, ...
SecurityWeek

GitHub Workflows Attack Affects Hundreds of Repos, Thousands of Secrets

A supply chain attack involving malicious GitHub Action workflows has impacted hundreds of repositories and thousands of secrets.
Infosecurity Magazine

GhostAction Supply Chain Attack Compromises 3000+ Secrets

Hundreds of GitHub users and repositories have been hit by another supply chain attack, in which threat actors have already ...
Security Boulevard

The GhostAction Campaign: 3,325 Secrets Stolen Through Compromised GitHub Workflows

On September 5, 2025, GitGuardian discovered GhostAction, a massive supply chain attack affecting 327 GitHub users across 817 ...
GitHub

Integrations with .NET Aspire for AWS

This repositry contains the integrations with .NET Aspire for AWS. The AWS integrations focus on provisioning and working with AWS application resources in development environment. Making the dev ...
SecurityWeek

Hackers Target Popular Nx Build System in First AI-Weaponized Supply Chain Attack

With more than 4 million weekly downloads, the Nx build platform became the first known supply chain breach where hackers weaponized AI assistants for data theft. Hackers stole thousands of ...
GitHub

aws s3 exporter is not picking up latest refreshed credentials

The aws s3 exporter is not picking up latest credentials from "/.aws/credentials". It fails with "Token Expired" error. I have rotating credentials which are update ...