Cyber researchers have uncovered a large-scale software supply chain attack on GitHub dubbed “GhostAction”, which has exposed more than 3,300 secrets, including PyPI, npm, DockerHub, GitHub tokens, Cloudflare API keys, AWS access keys, and database credentials so far.
The campaign came to light after suspicious activity was detected in the FastUUID project on September 2. Attackers had compromised maintainer accounts and injected a malicious GitHub Actions workflow designed to trigger on code
