News

GitHub supply chain attack sees thousands of tokens and secrets stolen in GhostAction campaign

Thousands of secrets such as PyPI and AWS keys, GitHub tokens, and more, were stolen recently during a supply-chain attack ...

Salesloft: March GitHub repo breach led to Salesforce data theft attacks

Salesloft says attackers first breached its GitHub account in March, leading to the theft of Drift OAuth tokens later used in ...

How to Use GitHub Spec Kit : The Secret to Flawless AI Coding Projects

GitHub Spec Kit redefines software workflows by replacing guesswork with structured, specification-driven development. Learn how Spec Kit ...
The Hacker News2d

GitHub Account Compromise Led to Salesloft Drift Breach Affecting 22 Companies

Google-owned Mandiant, which began an investigation into the incident, said the threat actor, tracked as UNC6395, accessed ...
SecurityWeek2d

Salesloft GitHub Account Compromised Months Before Salesforce Attack

Threat actors had access to Salesloft’s GitHub account between March and June 2025 and performed reconnaissance.

Salesloft says Drift customer data thefts linked to March GitHub account hack

The breach, now known to have begun in March, raises questions about why it took six months for Salesloft to detect the ...

AI-powered malware hit 2,180 GitHub accounts in “s1ngularity” attack

Investigations into the Nx "s1ngularity" NPM supply chain attack have unveiled a massive fallout, with thousands of account ...
ZDNet4y

RIAA blitz takes down 18 GitHub projects used for downloading ... - ZDNET

Main target of the takedown was the youtube-dl project, a Python library that had amassed more than 72k stars on GitHub and was used in many YouTube video ripping tools and services.

GitHub CEO Thomas Dohmke to step down, plans new startup

GitHub Chief Executive Thomas Dohmke said on Monday he will leave the Microsoft-owned code-hosting platform to launch a new ...