zuckjet.bsky.social
Thx for sharing. From what I understand:

Your repo had a GitHub Action that ran on every PR.
An attacker submitted a malicious PR that modified the Action to steal your npm token.

Was the main cause a GitHub Action misconfiguration?
September 17, 2025 at 2:51 AM