Hackers steal 3,325 secrets in GhostAction GitHub supply chain attack
Monday, September 8, 2025 7:53 PM | BleepingComputer
A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, GitHub tokens, Cloudflare, and AWS keys. [...]