News

Thousands of GitHub repositories exposed via Microsoft Copilot
Copilot has access to private GitHub repositories, researchers found The repositories were public at some point, and Bing ...
Bleeping Computer1mon
GitHub Action supply chain attack exposed secrets in 218 repos
GitHub Action' tj-actions/changed-files' was compromised by attackers who added a malicious commit on March 14, 2025, to dump CI/CD secrets from the Runner Worker process to the repository.