CSOonline

GitHub Actions attack renders even security-aware orgs vulnerable

Many open-source repositories contain privileged GitHub Actions workflows that execute untrusted code and can be triggered by attackers to expose credentials and access tokens, as MITRE and Splunk ...
Dark Reading

Artifact Poisoning in GitHub Actions Imports Malware via Software Pipelines

An attacker submitting changes to an open source repository on GitHub could cause downstream software projects that include the latest version of a component to compile updates with malicious code.
Computing

GitHub supply-chain attack threatens 23,000 organisations

A supply chain attack on a GitHub Actions tool has put up to 23,000 organisations at risk of having credentials stolen. GitAub Actions is a CI/CD platform that automates code testing and deployment.
Dark Reading

Supply Chain Attacks Targeting GitHub Actions Increased in 2025

Some of the most significant software supply chain incidents over the past year were carried out by threat actors who exploited vulnerabilities in GitHub, the global repository widely used by software ...
CSOonline

GitHub Actions typosquatting: A high-impact supply chain attack-in-waiting

Developers who mistype names and owners of GitHub Actions expose their repositories and accounts to malicious code execution, with significant software supply chain implications, researchers have ...