News

SecurityWeek2d
Files Deleted From GitHub Repos Leak Valuable Secrets
A security researcher has discovered hundreds of leaked secrets by restoring files deleted from GitHub repositories.
CSO Online1d
GitHub secrets: Deleted files still pose risks
By leveraging Git’s version control features, one can retrieve deleted files and the sensitive content within.
Thousands of exposed GitHub repos, now private, can still be accessed through Copilot
Thousands of once-public GitHub repositories from some of the world’s biggest companies are affected, including Microsoft’s, according to new findings from Lasso, an Israeli cybersecurity ...
The Register on MSN17d
That massive GitHub supply chain attack? It all started with a stolen SpotBugs token
But this mystery isn't over yet, Unit 42 opines That massive GitHub supply chain attack that spilled secrets from countless projects? It traces back to a stolen token from a SpotBugs workflow - ...
The Hacker News1d
Ripple's xrpl.js npm Package Backdoored to Steal Private Keys in Major Supply Chain Attack
xrpl.js is a popular JavaScript API for interacting with the XRP Ledger blockchain, also called the Ripple Protocol, a ...