News
Discover how GitHub's SpecKit transforms AI coding with spec-driven development, offering reliability, efficiency, and seamless workflows.
2don MSN
GitHub supply chain attack sees thousands of tokens and secrets stolen in GhostAction campaign
Thousands of secrets such as PyPI and AWS keys, GitHub tokens, and more, were stolen recently during a supply-chain attack ...
The breach, now known to have begun in March, raises questions about why it took six months for Salesloft to detect the ...
A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, ...
GitHub Spec Kit redefines software workflows by replacing guesswork with structured, specification-driven development. Learn how Spec Kit ...
Salesloft says attackers first breached its GitHub account in March, leading to the theft of Drift OAuth tokens later used in ...
The Register on MSN2d
Drift massive attack traced back to loose Salesloft GitHub account
Meanwhile the victim count grows The Salesloft Drift breach that compromised "hundreds" of companies including Google, Palo ...
Threat actors had access to Salesloft’s GitHub account between March and June 2025 and performed reconnaissance.
Google-owned Mandiant, which began an investigation into the incident, said the threat actor, tracked as UNC6395, accessed ...
Salesloft has revealed that threat actors targeted customer Salesforce data after breaching its GitHub account ...
Nx supply chain attack on Aug 26, 2025 leaked 2,349 secrets via npm packages, risking GitHub and cloud accounts.
JFrog and GitHub link a range of tools and functions to secure code, deployment and supply chain – with Copilot and in ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback