The discovery by Palo Alto Networks' Unit 42 prompted action by owners of popular repositories where secrets were leaked through GitHub Actions artifacts.

GitHub has a problem with inauthentic "stars" used to artificially inflate the popularity of scam and malware distribution repositories, helping them reach more unsuspecting users.

Waydev, an analytics platform used by software companies, has disclosed a security breach earlier this month. The company says that hackers broke into its platform and stole GitHub and GitLab ...