Tag: github
-
Hackers breached Salesloft ‘s GitHub in March, and used stole tokens in a mass attack
Hackers breached Salesloft’s GitHub in March, stole tokens, and used them in a mass attack on several major tech customers. Salesloft revealed that the threat actor UNC6395 breached its GitHub account in March, stealing authentication tokens that were later used in a large-scale attack against several major tech customers. Salesforce data theft attacks impacted major…
-
Hackers steal 3,325 secrets in GhostAction GitHub supply chain attack
A new supply chain attack on GitHub, dubbed ‘GhostAction,’ has compromised 3,325 secrets, including PyPI, npm, DockerHub, GitHub tokens, Cloudflare, and AWS keys. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-steal-3-325-secrets-in-ghostaction-github-supply-chain-attack/
-
Salesloft platform integration restored after probe reveals monthslong GitHub account compromise
An investigation by Mandiant found the attack began months ago, leading to a major supply chain attack. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/salesloft-drift-restored-probe-github/759506/
-
Salesloft platform integration restored after probe reveals monthslong GitHub account compromise
An investigation by Mandiant found the attack began months ago, leading to a major supply chain attack. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/salesloft-drift-restored-probe-github/759506/
-
Salesloft says Drift customer data thefts linked to March GitHub account hack
The breach, now known to have begun in March, raises questions about why it took six months for Salesloft to detect the breach. First seen on techcrunch.com Jump to article: techcrunch.com/2025/09/08/salesloft-says-drift-customer-data-thefts-linked-to-march-github-account-hack/
-
Salesloft platform integration restored after probe reveals monthslong GitHub account compromise
An investigation by Mandiant found the attack began months ago, leading to a major supply chain attack. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/salesloft-drift-restored-probe-github/759506/
-
Salesloft Drift integration restored after probe reveals monthslong GitHub account compromise
An investigation by Mandiant found the attack began months ago, leading to a major supply chain attack. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/salesloft-drift-restored-probe-github/759506/
-
Salesloft Drift integration restored after probe reveals monthslong GitHub account compromise
An investigation by Mandiant found the attack began months ago, leading to a major supply chain attack. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/salesloft-drift-restored-probe-github/759506/
-
Salesloft Drift integration restored after probe reveals monthslong GitHub account compromise
An investigation by Mandiant found the attack began months ago, leading to a major supply chain attack. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/salesloft-drift-restored-probe-github/759506/
-
GitHub Account Compromise Led to Salesloft Drift Breach Affecting 22 Companies
Salesloft has revealed that the data breach linked to its Drift application started with the compromise of its GitHub account.Google-owned Mandiant, which began an investigation into the incident, said the threat actor, tracked as UNC6395, accessed the Salesloft GitHub account from March through June 2025. So far, 22 companies have confirmed they were impacted by…
-
Salesloft Drift integration restored after probe reveals months-long GitHub account compromise
An investigation by Mandiant found the attack began months ago, leading to a major supply chain attack. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/salesloft-drift-restored-probe-github/759506/
-
Salesloft Drift integration restored after probe reveals months-long GitHub account compromise
An investigation by Mandiant found the attack began months ago, leading to a major supply chain attack. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/salesloft-drift-restored-probe-github/759506/
-
Salesloft: March GitHub repo breach led to Salesforce data theft attacks
Salesloft says attackers first breached its GitHub account in March, leading to the theft of Drift OAuth tokens later used in widespread Salesforce data theft attacks in August. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/salesloft-march-github-repo-breach-led-to-salesforce-data-theft-attacks/
-
GPUGate Malware Uses Google Ads and Fake GitHub Commits to Target IT Firms
Cybersecurity researchers have detailed a new sophisticated malware campaign that leverages paid ads on search engines like Google to deliver malware to unsuspecting users looking for popular tools like GitHub Desktop.While malvertising campaigns have become commonplace in recent years, the latest activity gives it a little twist of its own: Embedding a GitHub commit into…
-
Salesloft: March GitHub repo breach led to Salesforce data theft attacks
Salesloft says attackers first breached its GitHub account in March, leading to the theft of Drift OAuth tokens later used in widespread Salesforce data theft attacks in August. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/salesloft-march-github-repo-breach-led-to-salesforce-data-theft-attacks/
-
GhostAction campaign steals 3325 secrets in GitHub supply chain attack
Tags: ai, attack, control, credentials, data-breach, detection, exploit, github, malicious, network, pypi, risk, supply-chain, threatThreat contained within days: GitGuardian’s security team responded quickly after detection, and the FastUUID package was set to read-only by PyPI administrators within minutes. The malicious commit was reverted shortly afterward. GitGuardian notified maintainers of the affected repositories, successfully contacting 573 projects, while also alerting GitHub, npm, and PyPI security teams to monitor for abuse.Although…
-
Missbrauch der Github-Repository-Struktur, um Google-Ads mit Schadsoftware zu infiltrieren
Am 19. August hat das Arctic-Wolf-Cybersecurity-Operations-Center (cSOC) eine neue Angriffstaktik aufgedeckt, die von Arctic Wolf ‘GPUGate” genannt wird. Diese missbraucht die Repository-Struktur von Github und Google-Ads, um Nutzerinnen und Nutzer zu einem schädlichen Download umzuleiten. Diese ausgeklügelte Angriffskette bettet einen commit-spezifischen Link, also eine dauerhafte URL, die auf eine bestimmte Version einer Datei innerhalb eines…
-
GhostAction campaign steals 3325 secrets in GitHub supply chain attack
Tags: ai, attack, control, credentials, data-breach, detection, exploit, github, malicious, network, pypi, risk, supply-chain, threatThreat contained within days: GitGuardian’s security team responded quickly after detection, and the FastUUID package was set to read-only by PyPI administrators within minutes. The malicious commit was reverted shortly afterward. GitGuardian notified maintainers of the affected repositories, successfully contacting 573 projects, while also alerting GitHub, npm, and PyPI security teams to monitor for abuse.Although…
-
Salesloft Drift data breach: Investigation reveals how attackers got in
The attack that resulted in the Salesloft Drift data breach started with the compromise of the company’s GitHub account, Salesloft confirmed this weekend. Supply chain … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/08/salesloft-drift-data-breach-investigation-results/
-
Nach Nx-Angriff: Hacker kapern Github-Konten und leaken private Repos
Der im August erfolgte Angriff auf das Build-System Nx hat ein Nachspiel. Private Github-Repos und Daten tausender Entwickler sind bereits kompromittiert. First seen on golem.de Jump to article: www.golem.de/news/nach-nx-angriff-hacker-kapern-github-konten-und-leaken-private-repos-2509-199879.html
-
Nach Nx-Angriff: Hacker kapern Github-Konten und leaken private Repos
Der im August erfolgte Angriff auf das Build-System Nx hat ein Nachspiel. Private Github-Repos und Daten tausender Entwickler sind bereits kompromittiert. First seen on golem.de Jump to article: www.golem.de/news/nach-nx-angriff-hacker-kapern-github-konten-und-leaken-private-repos-2509-199879.html
-
Salesloft Drift data breach: Investigation reveals how attackers got in
The attack that resulted in the Salesloft Drift data breach started with the compromise of the company’s GitHub account, Salesloft confirmed this weekend. Supply chain … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/08/salesloft-drift-data-breach-investigation-results/
-
GhostAction Supply Chain Attack Compromises 3000+ Secrets
Security researchers have discovered a new malicious campaign impacting hundreds of GitHub users First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ghostaction-supply-chain-3000/
-
GPUGate Malware Leverages Legitimate Platforms to Deliver Advanced Payloads
A sophisticated new malware campaign exploiting trusted platforms and hardware-dependent evasion techniques targets IT professionals across Western Europe. Cybersecurity researchers have uncovered a highly sophisticated malware distribution campaign that cleverly exploits Google Ads and GitHub’s infrastructure to deliver a novel payload dubbed >>GPUGate.
-
New GhostAction Attack Compromises 327 GitHub Users and 817 Repositories
Security researchers uncovered a large-scale attack campaign now identified asGhostAction, which compromised secrets belonging to327 GitHub usersand impacted817 repositories. The incident began with the discovery of a malicious workflow embedded in the widely usedFastUUIDproject. The attack was first spotted when GitGuardian detected a suspicious GitHub workflow commit titled “Add Github Actions Security workflow” pushed by the account Grommash9 on…
-
Salesloft Drift Breach Traced to GitHub Compromise and Stolen OAuth Tokens
Salesloft Drift breach traced to GitHub compromise and stolen OAuth tokens, Mandiant confirms breach contained and Salesforce data targeted. First seen on hackread.com Jump to article: hackread.com/salesloft-drift-breach-github-compromise-oauth-tokens/
-
Let us git rid of it, angry GitHub users say of forced Copilot features
Unavoidable AI has developers looking for alternative code hosting options First seen on theregister.com Jump to article: www.theregister.com/2025/09/05/github_copilot_complaints/
-
AI-powered malware hit 2,180 GitHub accounts in “s1ngularity” attack
Investigations into the Nx “s1ngularity” NPM supply chain attack have unveiled a massive fallout, with thousands of account tokens and repository secrets leaked. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ai-powered-malware-hit-2-180-github-accounts-in-s1ngularity-attack/
-
GhostAction Attack Steals 3,325 Secrets from GitHub Projects
GhostAction supply chain attack hit 817 GitHub repositories, stealing 3,325 secrets including npm, PyPI, and DockerHub tokens. First seen on hackread.com Jump to article: hackread.com/ghostaction-attack-steals-github-projects-secrets/