Bleeping Computer

Supply chain attack on popular GitHub Action exposes CI/CD secrets

Strangely, the malicious code did not exfiltrate the memory output to a remote server, instead only making it visible in publicly accessible repositories. "The compromised action injected malicious ...
InfoWorld

What is GitHub Actions? Automated CI/CD for GitHub

GitHub Actions is a platform built into GitHub that automates software building, testing, and deployment. GitHub, owned by Microsoft, is a hosting service for software development using Git, an open ...