A new attack campaign is actively targeting open-source repositories on GitHub by carefully disguising malicious code as completely routine CI build configuration updates. The campaign, prt-scan exploits a widely misused GitHub Actions workflow trigger to steal sensitive tokens, credentials, and cloud secrets from developers who unknowingly trigger the fraudulent pull requests. The attack first appeared […] The post New GitHub Actions Attack Chain Uses Fake CI Updates to Exfiltrate Secrets and Tokens appeared first on Cyber Security News.