You've removed direct publishing credentials and moved to a GitHub hosted trusted publishing pipeline. What will attackers try next? Turns out GitHub Actions is more vulnerable than you might think. https://lnkd.in/ewhgKsYW
GitHub Actions Vulnerability Exploited by Attackers
GitHub just flipped a default that most users will never find. As of April 24, every Copilot Free, Pro, and Pro+ user is opted into model training. Your accepted suggestions, code inputs, file names, repo structure — all of it feeding GitHub's next model.

The opt-out is buried in privacy settings. Not available on mobile. And here's what GitHub's own policy page makes easy to miss: the exclusion only applies if your account is tied to a paid org plan. Individual developers working on side projects, open-source, or anything outside a Business or Enterprise account — fully in.

The practical consequence: a developer building something on a personal Pro account, even if they work for a company, is opted in by default. Most won't check. Most won't know to check.

GitHub framed this as necessary to improve model performance. Microsoft, which owns GitHub, benefits directly from that improvement. Enterprise customers are exempt. The people with the least leverage — individual devs, indie hackers, small teams — are the product. That's not a privacy debate. That's a consent architecture designed to extract from the bottom up.

If you're on Free, Pro, or Pro+: go to GitHub Copilot settings now and turn off "Allow GitHub to use my data for AI model training." Takes 30 seconds. Not available on mobile — you need a browser.

#GitHub #Copilot #AIAgents
-
🚨 Massive credentials leak happening on GitHub - please read before your next push

Recently my GitHub account ran into restriction issues, so I started digging deeper into how my code and licenses were being used. While exploring, I stumbled onto something much more worrying.

By searching for common secret names directly on GitHub (for example, API_KEY here: https://lnkd.in/g5AuMsUF ), I found an alarming number of exposed credentials across public repos:
• Around 17.6 million matches just for API_KEY
• Around 1.7 million matches for AWS_ACCESS_KEY_ID
• Out of every 10 keys I checked manually, 1~3 were still valid and working

This includes:
• Cloud credentials (AWS, GCP, Azure)
• Database URLs and passwords
• JWT and auth secrets
• SMTP and email credentials
• Payment gateway keys (Stripe, Razorpay, etc.)
• Even paid OpenAI API keys from active subscription accounts

This is effectively a silent, continuous credential exposure happening in plain sight. Once a key is pushed:
• Attackers and bots can find it within minutes
• Deleting the file is not enough - it still exists in git history
• Abuse can lead to huge cloud bills, data exfiltration, account takeover, and more

🛡️ What every developer should do right now
• Always add .env, config, and secret files to .gitignore
• Never hardcode secrets in code – use environment variables
• Use secret managers (AWS Secrets Manager, Vault, Doppler, etc.)
• Enable secret scanning on GitHub and your CI pipelines
• If you ever leak a key: immediately rotate it and clean your git history

I know some people may see this post, run those searches, and try to misuse exposed keys. I can’t control that. But as a developer, I’d rather raise awareness so more people secure their repos before damage happens.

If you maintain any public or private repo, please take 5 minutes today to:
• Check your .gitignore
• Search your own codebase for things like API_KEY, SECRET, TOKEN, .env
• Revoke and rotate anything suspicious

Security is a shared responsibility. Let’s not make it easy for attackers.

#DevSecurity #GitHub #OpenSource #APIKeys #Cybersecurity #WebDevelopment #100DaysOfCode #Python #JavaScript #DeveloperTips
-
If GitHub is your #1 backup priority, the solution needs four essentials:
- Aggressive cadence (RPO): Nightly backups are too slow. Aim for hourly at minimum; 30 minutes for critical repos. Verify whether cadence covers the entire repo or just code.
- Full-surface coverage: Code alone isn’t enough. You need issues, PRs, discussions, Actions workflows, releases, LFS, branch protections, and org settings—otherwise recovery drags from hours to days.
- Immutability: Assume credential compromise. Backups must be air-gapped or object-locked so they can’t be deleted with the source.
- Tested recovery: Do full restore drills quarterly. Measure real recovery time—untested backups are just assumptions.

Check out how HYCU, Inc. helps protect your GitHub with enterprise-grade backup and recovery.
-
The rebuilt Chainguard platform adds deeper security designed to continuously reconcile open source artifacts across containers, libraries, agent skills, and GitHub Actions.
-
Attacks on open source aren't slowing down. Neither is GitHub. Our teams have rolled out trusted publishing, npm package scanning with human reviews, and guidance for Actions users (linked in comments). If you use GitHub Actions, take three steps today: 1. Turn on CodeQL (free for public repos) 2. Pin Actions to full commit SHAs 3. Review your workflows for script-injection risks
-
If you run or maintain an open source software project and have public repos especially on GitHub, please take this seriously 👇🏾
Attacks on open source aren't slowing down. Neither is GitHub. Our teams have rolled out trusted publishing, npm package scanning with human reviews, and guidance for Actions users (linked in comments). If you use GitHub Actions, take three steps today: 1. Turn on CodeQL (free for public repos) 2. Pin Actions to full commit SHAs 3. Review your workflows for script-injection risks
-
🔐 How secure are your GitHub Actions workflows and software supply chain today? GitHub includes a range of built‑in security features that you can enable across your SDLC, many teams just aren’t using them to their full potential. We’ve published practical steps you can apply today, along with a roadmap of security capabilities coming next, to help secure the open‑source supply chain across GitHub. 🔗 https://lnkd.in/gUattvvh
Attacks on open source aren't slowing down. Neither is GitHub. Our teams have rolled out trusted publishing, npm package scanning with human reviews, and guidance for Actions users (linked in comments). If you use GitHub Actions, take three steps today: 1. Turn on CodeQL (free for public repos) 2. Pin Actions to full commit SHAs 3. Review your workflows for script-injection risks
-
GitHub should do more than recommend. They could use their resources to:
- pin all actions to their current resolved sha via dependabot, if active (prevents hidden downgrades)
- only allow mutable tags if people opt into it (secure by default)
- fail workflows if unpinned and config not present (secure by default)
- invest in tooling to make docs show real shas (model behavior)
Attacks on open source aren't slowing down. Neither is GitHub. Our teams have rolled out trusted publishing, npm package scanning with human reviews, and guidance for Actions users (linked in comments). If you use GitHub Actions, take three steps today: 1. Turn on CodeQL (free for public repos) 2. Pin Actions to full commit SHAs 3. Review your workflows for script-injection risks
-
GitHub stars are not trust. Carnegie Mellon researchers found 6 million suspected fake GitHub stars across 15,835 repositories. At the same time, malicious repos are already ranking on Google for things like “Claude Code leaked source.”

So I built scan-repo for normies. It is a Claude Code skill that adds a small pre-flight check before that moment turns into npm install.

Important part:
- Read-only
- Never clones
- Never runs anything from the target repo

Ask your agent: should I install ? It runs a few fast checks quietly in the background. If nothing looks odd, it stays out of the way. If something looks off, it warns you. For a deeper pass, ask for a full scan and it does the heavier checks.

The verdict is intentionally soft:
🟢 Nothing obviously wrong - proceed if you trust the source
🟡 A few things look unusual - worth a closer look
🔴 Several things look concerning - recommend not installing without expert review
⚪ Couldn’t gather enough signal - cannot assess

That wording matters. You should never be able to flatten this into “SAFE.”

What it is not: not a safety guarantee, not a malware scanner, not a transitive dependency auditor, and not a replacement for reading install scripts yourself. It is just the smallest possible layer between intent and install.

Repo: https://lnkd.in/drgWAJ4m