Dark Reading

Supply Chain Attacks Targeting GitHub Actions Increased in 2025

At this week's Black Hat Europe conference, two researchers urged developers to adopt a shared responsibility model for open ...
腾讯网

GitHub Actions 提示注入漏洞波及多家《财富》500强企业

网络安全公司 Aikido Security 发现了一类新型提示注入漏洞,命名为"PromptPwnd"。该漏洞影响与AI Agent(包括谷歌Gemini CLI、Claude Code和OpenAI Codex)集成的GitHub ...
腾讯网

高危漏洞影响CI/CD管道,提示注入即可攻破谷歌Gemini CLI

一种名为"PromptPwnd"的高危漏洞类别正在影响集成到GitHub Actions和GitLab CI/CD管道中的AI ...
InfoWorld

GitHub Action Secrets aren’t secret anymore: exposed PATs now a direct path into cloud ...

Wiz has found threat actors exploiting GitHub tokens, giving them access to GitHub Action Secrets and, ultimately, cloud ...

Zig 退出 GitHub:微软对 AI 的痴迷毁了它

近期,Zig 编程语言的基金会(The Zig Software Foundation)已宣布退出 GitHub,原因是其领导层认为这个代码共享平台的服务正在衰退。 这场风波始于 2025 年 4 月,当时 GitHub 用户 ...

逃离GitHub!开发者接连出走后怒批:前端不友好、体验直线下降 ...

Kelley 指出,曾经让 GitHub 成功的工程实力,现在已经不再起作用了。它的优先级和工程文化都“烂掉”了,用户们只能忍受一个臃肿、到处出 bug 的 Java ...
TheServerSide

10 best GitHub Actions examples

Community driven content discussing all aspects of software development from DevOps to design patterns. It all starts with a GitHub Actions workflow. Here’s how to create a run a workflow in the tool.
Bleeping Computer

GitHub Actions artifacts found leaking auth tokens in popular projects

Multiple high-profile open-source projects, including those from Google, Microsoft, AWS, and Red Hat, were found to leak GitHub authentication tokens through GitHub Actions artifacts in CI/CD ...

Zig turns its back on GitHub: Frustration over Actions and Microsoft's AI course

The programming language Zig is leaving GitHub after ten years. The reason is problems with GitHub Actions, chaotic job ...

Zig quits GitHub, says Microsoft's AI obsession has ruined the service

The Foundation that promotes the Zig programming language has quit GitHub due to what its leadership perceives as the code sharing site's decline.