IT之家 8 月 16 日消息，派拓网络（Palo Alto Networks）旗下安全部门 Unit 42 于 8 月 13 日发布报告，表示托管在 GitHub 上的很多热门开源项目存在身份认证授权令牌（Auth tokens）泄露问题，让整个项目面临数据被盗和篡改植入恶意代码等风险。 Unit 42 部门发现包括谷歌 ...

Multiple high-profile open-source projects, including those from Google, Microsoft, AWS, and Red Hat, were found to leak GitHub authentication tokens through GitHub Actions artifacts in CI/CD ...

It has been discovered that GitHub authentication tokens have been leaked from several well-known open source projects on GitHub, including those from Google, Microsoft, Amazon Web Services (AWS), and ...

GitHub has announced on Monday that it expanded its code hosting platform's secrets scanning capabilities for GitHub Advanced Security customers to block secret leaks automatically. Secret scanning is ...

Many top-level open source projects have been found leaking GitHub auth tokens, putting entire projects at risk of data theft and malicious code tampering. Cybersecurity researchers from Unit 42 ...