#cicd-secrets

[ follow ]
#supply-chain-attack #github-actions #credential-theft #megalodon #cyber-extortion #github-security
Information security
fromSecurityWeek
2 days ago

Over 5,500 GitHub Repositories Infected in 'Megalodon' Supply Chain Attack

Megalodon used GitHub Actions workflow injection via automated commits to steal CI and cloud secrets from thousands of repositories.
Information security
fromTNW | Data-Security
1 week ago

Grafana Labs refuses ransom after hackers steal already-open-source code

Hackers stole Grafana’s open-source codebase and demanded ransom to prevent release; Grafana refused, citing FBI guidance and security controls.
[ Load more ]