CSOonline

GitHub Actions attack renders even security-aware orgs vulnerable

Many open-source repositories contain privileged GitHub Actions workflows that execute untrusted code and can be triggered by attackers to expose credentials and access tokens, as MITRE and Splunk ...
Bleeping Computer

GitHub Actions being actively abused to mine cryptocurrency on GitHub servers

GitHub Actions is currently being abused by attackers to mine cryptocurrency on GitHub's servers in an automated attack. GitHub Actions is a CI/CD solution that makes it easy to setup periodic tasks ...
InfoWorld

Thousands of open source projects at risk from hack of GitHub Actions tool

App development teams who use a popular utility in the GitHub Actions continuous integration and continuous delivery/deployment (CI/CD) platform need to scrub their code because the tool was ...
TheServerSide

How to publish GitHub Actions artifacts by example

Community driven content discussing all aspects of software development from DevOps to design patterns. Unfortunately, the ephemeral Docker container on which the GitHub Actions artifacts are created ...
TheServerSide

GH-200 GitHub Action Certification exam topics, objectives and practice test questions

Community driven content discussing all aspects of software development from DevOps to design patterns. The GitHub Actions GH-200 certification validates your ability to build, run, and manage ...