's Avatar

@zuckjet.bsky.social

31 Followers  |  74 Following  |  1 Posts  |  Joined: 24.04.2025  |  1.2159

Latest posts by zuckjet.bsky.social on Bluesky


Thx for sharing. From what I understand:

Your repo had a GitHub Action that ran on every PR.
An attacker submitted a malicious PR that modified the Action to steal your npm token.

Was the main cause a GitHub Action misconfiguration?

17.09.2025 02:51 — 👍 1    🔁 0    💬 1    📌 0

@zuckjet is following 20 prominent accounts