Security News Hackers steal 3,325 secrets in GhostAction GitHub supply chain attack BleepingComputer Daniel Bender Sep 8, 2025 A new supply chain attack on GitHub, dubbed 'GhostAction,' has compromised 3,325 secrets, including PyPI, npm, DockerHub, GitHub tokens, Cloudflare, and AWS keys.
