Hackers steal 3,325 secrets in GhostAction GitHub supply chain attack
From BleepingComputer to All on Mon Sep 8 16:34:15 2025
A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, GitHub tokens, Cloudflare, and AWS keys. [...]