National Cyber Warfare Foundation (NCWF)

The GhostAction Campaign: 3,325 Secrets Stolen Through Compromised GitHub Workflows
0 user ratings		2025-09-05 17:09:58
milo
Blue Team (CND)

On September 5, 2025, GitGuardian discovered GhostAction, a massive supply chain attack affecting 327 GitHub users across 817 repositories. Attackers injected malicious workflows that exfiltrated 3,325 secrets, including PyPI, npm, and DockerHub tokens via HTTP POST requests to a remote endpoint.


The post The GhostAction Campaign: 3,325 Secrets Stolen Through Compromised GitHub Workflows appeared first on Security Boulevard.



Gaƫtan Ferry

Source: Security Boulevard
Source Link: https://securityboulevard.com/2025/09/the-ghostaction-campaign-3325-secrets-stolen-through-compromised-github-workflows/?utm_source=rss&utm_medium=rss&utm_campaign=the-ghostaction-campaign-3325-secrets-stolen-through-compromised-github-workflows

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
Blue Team (CND)


Copyright 2012 through 2025 - National Cyber Warfare Foundation - All rights reserved worldwide.