News
Hackers used the secrets stolen in the recent Nx supply chain attack to publish over 6,700 private repositories publicly.
A scan of billions of files from 13 percent of all GitHub public repositories over a period of six months has revealed that over 100,000 repos have leaked API tokens and cryptographic keys, with ...
An Argo CD vulnerability allows API tokens with even low project-level get permissions to access API endpoints and retrieve ...
A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, ...
On September 5, 2025, GitGuardian discovered GhostAction, a massive supply chain attack affecting 327 GitHub users across 817 ...
Attackers abused GitHub Actions workflows to siphon off thousands of credentials from hundreds of npm and PyPI repositories.
On August 26, 2025, Nx, the popular build platform with millions of weekly downloads, was compromised with credential-harvesting malware. Using GitGuardian's monitoring data, we analyzed the ...
GitHub has announced it will be bringing its secret scanning capability to more users in a bid to help public repository admins detect leaked secrets in their repositories before a breach happens.
Have you ever wondered how many hidden gems are buried deep within GitHub, waiting to transform the way you work? With over 330 million repositories on the platform, it’s no surprise that some of the ...
Results that may be inaccessible to you are currently showing.
Hide inaccessible results
Feedback