Salesloft says attackers first breached its GitHub account in March, leading to the theft of Drift OAuth tokens later used in ...

Threat actors had access to Salesloft’s GitHub account between March and June 2025 and performed reconnaissance.

The breach, now known to have begun in March, raises questions about why it took six months for Salesloft to detect the ...

A supply chain attack involving malicious GitHub Action workflows has impacted hundreds of repositories and thousands of ...

Attackers abused GitHub Actions workflows to siphon off thousands of credentials from hundreds of npm and PyPI repositories.

A mishandled GitHub token gave unrestricted access to Mercedes-Benz's internal GitHub Enterprise Service, exposing source code to the public.

Mintlify took immediate action by revoking all GitHub user access tokens and implementing enhanced security protocols to prevent further breaches.

On September 5, 2025, GitGuardian discovered GhostAction, a massive supply chain attack affecting 327 GitHub users across 817 ...

Build artifacts generated by GitHub Actions often contain access tokens that can be abused by attackers to push malicious code into projects or compromise cloud infrastructure.

Developers from hundreds of companies have included access tokens for their Slack accounts in public projects on GitHub, putting their teams' internal chats and other data at risk.