CyberSecurityBoard
Sponsor Register Login

Hackers steal 3,325 secrets in GhostAction GitHub supply chain attack

In a significant cybersecurity incident, hackers have successfully stolen 3,325 secrets through a supply chain attack targeting GhostAction on GitHub. This attack highlights the increasing risks associated with software supply chains and the critical need for enhanced security measures in open-source repositories. The breach involved unauthorized access to sensitive credentials, which could potentially lead to further exploitation across various platforms and services. Organizations relying on GhostAction or similar tools are urged to review their security protocols, rotate exposed secrets, and monitor for suspicious activities. This incident serves as a stark reminder of the vulnerabilities inherent in modern software development and the importance of proactive defense strategies to mitigate supply chain threats.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Mon, 08 Sep 2025 19:55:18 +0000


Cyber News related to Hackers steal 3,325 secrets in GhostAction GitHub supply chain attack

You Don't Know Where Your Secrets Are - Do you know where your secrets are? If not, I can tell you: you are not alone. Hundreds of CISOs, CSOs, and security leaders, whether from small or large companies, don't know either. No matter the organization's size, the certifications, tools, ...
2 years ago Thehackernews.com
Securing the code: navigating code and GitHub secrets scanning - Enter the world of GitHub secrets scanning tools, the vigilant sentinels of your digital gala. Secrets scanning in GitHub is anchored by two fundamental strategies: proactive prevention and reactive detection, each serving a critical function in ...
2 years ago Securityboulevard.com
Software Supply Chain Security Checklist - In the ever-evolving landscape of digital innovation, the integrity of software supply chains has become a pivotal cornerstone for organizational security. Software supply chain security is not just about protecting code - it's about safeguarding the ...
1 year ago Feeds.dzone.com
Hackers steal 3,325 secrets in GhostAction GitHub supply chain attack - In a significant cybersecurity incident, hackers have successfully stolen 3,325 secrets through a supply chain attack targeting GhostAction on GitHub. This attack highlights the increasing risks associated with software supply chains and the critical ...
4 months ago Bleepingcomputer.com
New "MITRE ATT&CK-like" framework outlines software supply chain attack TTPs - A new open framework seeks to outline a comprehensive and actionable way for businesses and security teams to understand attacker behaviors and techniques specifically impacting the software supply chain. The Open Software Supply Chain Attack ...
2 years ago Csoonline.com
Over 12 million auth secrets and keys leaked on GitHub in 2023 - GitHub users accidentally exposed 12.8 million authentication and sensitive secrets in over 3 million public repositories during 2023, with the vast majority remaining valid after five days. The exposed secrets include account passwords, API keys, ...
1 year ago Bleepingcomputer.com
GhostAction Supply Chain Attack Targets 3,000 Organizations Globally - The recent discovery of the GhostAction supply chain attack has sent shockwaves through the cybersecurity community, revealing a sophisticated campaign targeting approximately 3,000 organizations worldwide. This attack leverages compromised software ...
4 months ago Infosecurity-magazine.com
GitHub expands security tools after 39 million secrets leaked in 2024 - Standalone Secret Protection and Code Security – Now available as separate products, these tools no longer require a full GitHub Advanced Security license, making them more affordable for smaller teams. GitHub announced updates to its Advanced ...
9 months ago Bleepingcomputer.com
PyPI invalidates tokens stolen in GhostAction supply chain attack - PyPI, the Python Package Index, has taken decisive action to invalidate tokens that were compromised during the GhostAction supply chain attack. This incident highlights the increasing risks associated with supply chain attacks in the software ...
3 months ago Bleepingcomputer.com GhostAction
GitHub Action supply chain attack exposed secrets in 218 repos - The compromise of GitHub Action tj-actions/changed-files has impacted only a small percentage of the 23,000 projects using it, with it estimated that only 218 repositories exposed secrets due to the supply chain attack. According to data shared by ...
9 months ago Bleepingcomputer.com
GitHub, PyTorch and More Organizations Found Vulnerable to Self-Hosted Runner Attacks - Last July, we published an article exploring the dangers of vulnerable self-hosted runners and how they can lead to severe software supply chain attacks. GitHub itself was found vulnerable, as well as various notable organizations, such as PyTorch, ...
1 year ago Securityboulevard.com
GitHub Action hack likely led to another in cascading supply chain attack - Last week, a supply chain attack on the tj-actions/changed-files GitHub Action caused malicious code to write CI/CD secrets to the workflow logs for 23,000 repositories. A cascading supply chain attack that began with the compromise of the ...
9 months ago Bleepingcomputer.com
CISA Announces Renewal of the Information and Communications Technology Supply Chain Risk Management Task Force - The Task Force, chaired by CISA's National Risk Management Center and the Information Technology and Communications Sector Coordinating Councils, is a public-private partnership composed of a diverse range of representatives from public and private ...
1 year ago Cisa.gov
GitGuardian Report: 70% of Leaked Secrets Remain Active for Two Years, Urging Immediate Remediation - GitGuardian, the security leader behind GitHub’s most installed application, today released its comprehensive “2025 State of Secrets Sprawl Report,” revealing a widespread and persistent security crisis that threatens organizations ...
10 months ago Cybersecuritynews.com
Supply chain attack on popular GitHub Action exposes CI/CD secrets - As first reported by StepSecurity, attackers added a malicious commit to the tool on March 14, 2025, at 4:00 PM UTC, that dumped CI/CD secrets from the Runner Worker process to the repository of any projects using the action. As a result, if ...
9 months ago Bleepingcomputer.com
New Survey Finds a Paradox of Confidence in Software Supply Chain Security - Get results of and analysis on ESG's new survey on supply chain security. New research reveals that, despite increasing attacks and incidents against software supply chains, a surprising number of firms believe their defense is sufficient. This gap ...
1 year ago Securityboulevard.com
Honeytokens for Peace Of Mind - If you have been tackling the realities of secrets sprawl, getting a handle on all the hardcoded credentials in your organization, then we understand the stress and the restless nights that can bring. Even a small team can add hundreds of secrets a ...
1 year ago Feeds.dzone.com
CVE-2023-30853 - Gradle Build Action allows users to execute a Gradle Build in their GitHub Actions workflow. A vulnerability impacts GitHub workflows using the Gradle Build Action prior to version 2.4.2 that have executed the Gradle Build Tool with the configuration ...
2 years ago
Recent GitHub supply chain attack traced to leaked SpotBugs token - On March 11, 2025, the attacker used the stolen PAT to invite another dummy user (jurkaofavak) into SpotBugs, who pushed a malicious GitHub Actions workflow that exfiltrated another PAT belonging to a Reviewdog maintainer (RD_MNTNR) who also had ...
9 months ago Bleepingcomputer.com
Supply Chain Cybersecurity - CISO Risk Management Guide - As regulatory scrutiny intensifies and cyber threats grow more sophisticated, CISOs must adopt a proactive, strategic approach to supply chain cybersecurity risk management, making it a boardroom priority and an integral part of organizational ...
8 months ago Cybersecuritynews.com
Privileged Access Management for DevOps - Recently, KuppingerCole released the first edition of its Leadership Compass for Privileged Access Management for DevOps. The KuppingerCole report recognizes the unique and complex challenges that exist in DevOps and other dynamic environments. The ...
2 years ago Beyondtrust.com Patchwork
UK, ROK sound alarm over North Korean supply chain attacks The Register - The national cybersecurity organizations of the UK and the Republic of Korea have issued a joint advisory warning of an increased volume and sophistication of North Korean software supply chain attacks. "In an increasingly digital and interconnected ...
2 years ago Theregister.com Lazarus Group
Polyfill.io, BootCDN, Bootcss, Staticfile attack traced to 1 operator - The recent large scale supply chain attack conducted via multiple CDNs, namely Polyfill.io, BootCDN, Bootcss, and Staticfile that affected anywhere from 100,000 to tens of millions of websites has been traced to a common operator, according to ...
1 year ago Bleepingcomputer.com
How AI could bolster software supply chain security - SAN FRANCISCO - While supply chain risks remain prevalent across enterprises of all sizes, Synopsys' Tim Mackey said AI tools will enable developers more than attackers - at least for now. Supply chain security was a significant topic that speakers ...
1 year ago Techtarget.com
SCS 9001 2.0 reveals enhanced controls for global supply chains - In this Help Net Security interview, Mike Regan, VP of Business Performance at TIA, discusses SCS 9001 Release 2.0, a certifiable standard crafted to assist organizations in operationalizing the NIST and other government guidelines and frameworks. ...
2 years ago Helpnetsecurity.com

Latest Cyber News


    Cyber Trends (last 7 days)


    Trending Cyber News (last 7 days)