GhostAction - Geek Feed

PyPI invalidates tokens stolen in GhostAction supply chain attack

September 22, 2025September 22, 2025 geekfeed0Tagged GhostAction, GitHub, GitHub Actions, PyPI, Secrets, Supply Chain Attack, Token

The Python Software Foundation team has invalidated all PyPI tokens stolen in the GhostAction supply chain attack in early September, confirming that the threat actors didn’t abuse them to publish malware. These tokens are used to publish packages on the Python Package Index (PyPI), a software repository that acts as the default source for Python’s […]

3 mins read

Hackers steal 3,325 secrets in GhostAction GitHub supply chain attack

September 11, 2025September 11, 2025 geekfeed0Tagged GhostAction, GitHub, GitHub Actions, Secrets, supply chain, Supply Chain Attack, Token

A new supply chain attack on GitHub, dubbed ‘GhostAction,’ has compromised 3,325 secrets, including PyPI, npm, DockerHub, GitHub tokens, Cloudflare, and AWS keys. The attack was discovered by GitGuardian researchers, who report that the first signs of compromise on one of the impacted projects, FastUUID, became evident on September 2, 2025. The attack involved leveraging compromised […]

2 mins read