Winbuzzer<p>GitHub has removed a poisoned Action used in 23,000+ repos after it exfiltrated CI secrets, prompting concerns over supply chain security</p><p><a href="https://mastodon.social/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecurity</span></a> <a href="https://mastodon.social/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Microsoft</span></a> <a href="https://mastodon.social/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GitHub</span></a> <a href="https://mastodon.social/tags/CI_CD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CI_CD</span></a> <a href="https://mastodon.social/tags/DevSecOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DevSecOps</span></a> <a href="https://mastodon.social/tags/CyberThreats" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberThreats</span></a> <a href="https://mastodon.social/tags/GitHubActions" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GitHubActions</span></a> <a href="https://mastodon.social/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malware</span></a> <a href="https://mastodon.social/tags/CodeSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CodeSecurity</span></a> <a href="https://mastodon.social/tags/tjactions" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>tjactions</span></a></p><p><a href="https://winbuzzer.com/2025/03/21/github-action-breach-exposes-secrets-in-hundreds-of-repositories-xcxwbn/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">winbuzzer.com/2025/03/21/githu</span><span class="invisible">b-action-breach-exposes-secrets-in-hundreds-of-repositories-xcxwbn/</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.
Administered by:
Server stats:
288active users
shakedown.social: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.4
#tjactions
0 posts · 0 participants · 0 posts today
John Leonard<p>A supply chain attack on a GitHub Actions tool has put up to 23,000 organisations at risk of having credentials stolen.</p><p><a href="https://www.computing.co.uk/news/2025/security/github-attack-threatens-23-000-organisations" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">computing.co.uk/news/2025/secu</span><span class="invisible">rity/github-attack-threatens-23-000-organisations</span></a></p><p><a href="https://mastodon.social/tags/technews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>technews</span></a> <a href="https://mastodon.social/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://mastodon.social/tags/tjactions" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>tjactions</span></a> <a href="https://mastodon.social/tags/github" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>github</span></a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.social/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://mastodon.social/tags/supplychainattack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>supplychainattack</span></a></p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload