Bleeping Computer

GitHub Actions artifacts found leaking auth tokens in popular projects

Multiple high-profile open-source projects, including those from Google, Microsoft, AWS, and Red Hat, were found to leak GitHub authentication tokens through GitHub Actions artifacts in CI/CD ...
9to5Mac

Apple accidentally leaks new web App Store front-end source code, ends up on GitHub [U: Removed]

Update, November 8, 9:46 a.m. ET: The GitHub repository and its forks have been taken down. The original story follows below. Just hours after Apple launched a revamped web interface for the App Store ...
Dark Reading

GitHub Attack Vector Cracks Open Google, Microsoft, AWS Projects

Researchers have uncovered an attack vector that affected GitHub open source projects owned by Google, Microsoft, Amazon Web Services, and others, executed by abusing artifacts generated as part of ...