New GitHub Actions Attack Chain Uses Fake CI Updates to Exfiltrate Secrets and Tokens
06/04/2026-17:34 06/04/2026-17:35 מחשבים וטכנולוגיה Cyber Security News דיווח
A new attack campaign is actively targeting open-source repositories on GitHub by carefully disguising malicious code as completely routine CI build configuration updates. The campaign, prt-scan exploits a widely misused GitHub Actions workflow trigg
