The Next Web

GitHub is adding an awesome new drag-and-drop feature for uploading files to repos

Good news for those with active GitHub profiles: you can now add files to your repos by dragging and dropping them into the browser. Once a file is uploaded, you can add it to an existing branch, or ...
CSOonline

GitHub secrets: Deleted files still pose risks

Deleted files within public GitHub repositories could still be exposing secrets like API keys, tokens, and credentials, if threat actors knew where and how to look. Cybersecurity researcher Sharon ...
Bleeping Computer

Supply chain attack on popular GitHub Action exposes CI/CD secrets

The GitHub Action is a very popular automation tool designed for GitHub Actions workflows. It allows developers to identify files changed in a pull request or commit and take actions based on those ...
Bleeping Computer

GitHub Action hack likely led to another in cascading supply chain attack

Last week, a supply chain attack on the tj-actions/changed-files GitHub Action caused malicious code to write CI/CD secrets to the workflow logs for 23,000 repositories. If those logs had been public, ...
TheServerSide

How to git stash untracked files with a push

However, it is possible to alter this behavior and stash untracked files with the right git stash save and push options. The trick is to use the --include-untracked option or for brevity, the -u alias ...