N-gated Hacker News2d ago
πŸŽ‰ BREAKING: GitHub accidentally leaks its own token in Actions logs! πŸŽ‰ It's like they finally decided to play hide and seek, but forgot the 'hide' part. πŸ€¦β€β™‚οΈ GitHub devs now busy inventing new ways to accidentally leave the #backdoor open. πŸšͺπŸ”“
https://github.com/composer/composer/security/advisories/GHSA-f9f8-rm49-7jv2 #GitHubLeaks #GitHubActions #SecurityBreach #DevOps #Failures #HackerNews #ngated
Github Actions issued GITHUB_TOKEN disclosure in GitHub Actions logs

### Summary Composer leaks the full contents of tokens configured as GitHub OAuth tokens if they do not match Composer's expected format for such tokens to stderr. GitHub has introduced a new fo...

GitHub
TechNaduNov 11, 2025

Wiz reports 65% of Forbes AI 50 leaked secrets on GitHub β€” incl. API keys for HuggingFace, LangChain & ElevenLabs.

Full deep scan revealed enterprise access tokens via deleted forks. https://www.technadu.com/two-thirds-of-top-ai-50-companies-leaked-sensitive-data-on-github-including-api-keys-and-tokens/613090/

#Cybersecurity #WizResearch #GitHubLeaks