GitHub Actions - Tool

Threat entity extracted from intelligence sources

Frequency
137
occurrences
First Seen
November 11, 2025
Last Seen
July 14, 2026

GitHub Actions is a tool tracked across 50 threat clusters and 137 intelligence report mentions on ThreatCluster. First observed November 11, 2025; most recent activity July 14, 2026.

Related Threat Clusters

Recent Intelligence Reports

  • AsyncAPI npm Packages With 2M Weekly Downloads Compromised via GitHub Actions — Cybersecuritynews · July 14, 2026
  • M-Red-Team: AsyncAPI Supply Chain Compromise via GitHub Actions — Wiz · July 14, 2026
  • Spoofed Git Identity Ai Code Reviewer — www.manifold.security · July 12, 2026
  • Link — edge.prnewswire.com · July 8, 2026
  • GitLost: GitHub's AI agent leaks private repos when asked — Thenextweb · July 8, 2026
  • GitHub AI agent leaks private repositories via prompt injection attack — Csoonline · July 8, 2026
  • 'GitLost' prompt injection leaks private repos via GitHub Agentic Workflows — Scworld · July 8, 2026
  • GitLost - One word is all it takes to make GitHub's AI agent leak your private repos — Korben.Info · July 8, 2026

CVSS v3.1 Breakdown