Dark Reading

Xygeni GitHub Action Compromised Via Tag Poison

An unidentified threat actor breached one of application security vendor Xygeni's GitHub Actions this month via tag poisoning. Xygeni, which sells a number of AI-powered AppSec products, said in a ...
The Hacker News

UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours

UNC6426 used stolen GitHub tokens from the 2025 nx npm breach to gain AWS admin access in under 72 hours, enabling data theft and cloud destruction.
The Hacker News

Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets

Five malicious Rust crates and an AI bot exploited CI/CD pipelines and GitHub Actions in Feb 2026, stealing developer secrets ...
InfoQ

AI-Powered Bot Compromises GitHub Actions Workflows Across Microsoft, DataDog, and CNCF Projects

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

After GitHub outages, OpenAI begins building a rival code repository

The decision reportedly follows a series of service outages that have disrupted developer workflows on GitHub in recent ...
TheServerSide

10 best GitHub Actions examples

Community driven content discussing all aspects of software development from DevOps to design patterns. It all starts with a GitHub Actions workflow. Here’s how to create a run a workflow in the tool.
TheServerSide

How to use GitHub Actions secrets to hide your tokens and passwords example

Community driven content discussing all aspects of software development from DevOps to design patterns. One of the ongoing challenges DevOps professionals face when developing continuous integration ...
ZDNet

GitHub Actions moves GitHub into DevOps

With GitHub Actions, you can build a container app, deploy a web service, publish packages to registries, or automate welcoming new programmers to your open source projects. Or chain them all together ...