CISA Details Incident Response to Exposed AWS GovCloud Keys
CISA reveals how it responded after sensitive AWS GovCloud credentials and internal data were exposed in a public GitHub repository
Stay informed about the latest Github infosec updates, security breaches, and protection strategies with our comprehensive information security news.
Search across headline titles and summaries.
Background for this topic.
GitHub is a hosted software-development platform built around Git repositories. It supports public and private source-code hosting, change review through pull requests, issue tracking, automated workflows, and package distribution. Its repositories and automation are important security assets because they can contain proprietary code, deployment instructions, credentials, and the components used to build released software.
Material risks include accidentally committing secrets, exposing private repositories through misconfigured permissions, and allowing compromised dependencies or workflow actions to run in trusted build environments. Pull requests from untrusted contributors can also become an execution path when workflows handle them unsafely. Security practice includes least-privilege access, strong authentication, protected branches and required reviews, secret scanning and rapid credential revocation, and auditing workflow permissions. Repository history, dependency metadata, and commit provenance can support vulnerability management and incident investigation, but deleting a leaked secret from the latest file does not remove it from historical commits or existing clones.
Weekly headline count for the current query.
CISA reveals how it responded after sensitive AWS GovCloud credentials and internal data were exposed in a public GitHub repository
A Rust crypto clipper hides behind fake GitHub stars and AI-narrated YouTube videos
GitBait phishing kit abuses GitHub Pages and the SheetBest API to steal Mexican banking credentials
NPM, part of GitHub, announced a new version of the npm package manager with several security improvements, including disabling install scripts
Sloppy AI-generated npm infostealer leaked its own GitHub token, exposing the operator
A threat actor compromised an Nx developer and posed as a legitimate maintainer to publish a malicious extension on Visual Studio Marketplace
The prolific threat group TeamPCP has claimed a hack into GitHub’s internal repositories
Open source tool maker Grafana says hackers stole codebase via GitHub breach
LNK files use GitHub C2, embedded decoders and PowerShell for persistence and data exfiltration
The Vidar 2.0 infostealers is deployed through fake free game cheats on GitHub and Reddit
Flaws in GitHub Codespaces allow RCE via crafted repositories or pull requests
A new study has revealed 65% of top AI firms have leaked sensitive data on GitHub, risking $400bn in assets
New campaign merges traditional malware with DevOps tools, using GitHub CodeSpaces for DDoS attacks
Salesloft has revealed that threat actors targeted customer Salesforce data after breaching its GitHub account
Security researchers have discovered a new malicious campaign impacting hundreds of GitHub users
A malicious campaign using Ethereum smart contracts has been observed targeting developers via npm and GitHub
A new malware campaign uses GitHub to deliver payloads via Amadey botnet, bypassing email distribution
Banana Squad exploited GitHub to distribute malicious Python code disguised as legitimate tools
Sophos has uncovered a scheme planting malicious code in 130+ GitHub repositories, targeting hackers and gamers
The threat actors initially attempted to compromise projects associated with the Coinbase cryptocurrency exchange, said Palo Alto Networks