#GitHub Actions
6 stories taggedGitHub Actions.

Trojanised AsyncAPI packages slip onto npm, hitting a library downloaded 2.25 million times a week
Attackers hijacked a GitHub build pipeline on 14 July to publish five poisoned versions of AsyncAPI tools, wiring in a stealthy info-stealer that talks to its operators over Ethereum and peer-to-peer networks.

Mini Shai-Hulud Worm Jumps to Go, Hits LeoPlatform and RStreams npm Packages
The self-propagating supply chain campaign tied to Miasma and Hades has spread again — abusing GitHub Actions workflows and now reaching Go modules.

Cordyceps Flaw Class Hands Attackers the Keys to 300+ GitHub Repos
A newly catalogued CI/CD weakness lets attackers hijack workflows at Microsoft, Google and Apache projects, researchers say.

One GitHub Issue Was Enough to Pwn Repos Running Claude Code Action
A bug in Anthropic's Claude Code GitHub Action turned issue triage into arbitrary code execution — including, briefly, against the action's own repo.

Megalodon Campaign Pushed 5,718 Malicious Commits Into GitHub Repos in Six Hours
An automated backdooring operation abused compromised GitHub credentials to silently inject base64-encoded bash payloads into CI/CD workflows across more than 5,500 public repositories on May 18.

Megalodon Campaign Plants Malicious Workflows in 5,561 GitHub Repos in Six Hours
Throwaway accounts pushed 5,718 commits forging build-bot identities to exfiltrate CI/CD secrets, researchers said.