CSOonline

GitHub Actions attack renders even security-aware orgs vulnerable

Many open-source repositories contain privileged GitHub Actions workflows that execute untrusted code and can be triggered by attackers to expose credentials and access tokens, as MITRE and Splunk ...
Visual Studio Magazine

Hands On with New GitHub Agents Tab for Repo-Level Copilot Coding Agent Workflows

GitHub has introduced an Agents tab that provides a repository-level view of Copilot coding agent tasks and sessions. The Agents workflow produces normal pull requests, enabling review and validation ...
InfoQ

GitHub Agentic Workflows Unleash AI-Driven Repository Automation

Recently launched in technical preview, GitHub Agentic Workflows introduce a way to automate complex, repetitive repository ...
InfoWorld

GitHub Action Secrets aren’t secret anymore: exposed PATs now a direct path into cloud environments

Many enterprises use GitHub Action Secrets to store and protect sensitive information such as credentials, API keys, and tokens used in CI/CD workflows. These private repositories are widely assumed ...
CSOonline

GhostAction campaign steals 3325 secrets in GitHub supply chain attack

GitGuardian has disclosed a new software supply chain attack campaign, dubbed GhostAction, that exfiltrated thousands of sensitive credentials before being detected and contained on September 5. The ...

This week in AI updates: GPT-5.3-Codex-Spark, GitHub Agentic Workflows, and more (February 13, 2026)This week in AI updates: GPT-5.3-Codex-Spark, GitHub Agentic Workflows, and ...

GPT-5.3-Codex-Spark is a lightweight version of the company’s coding model, GPT-5.3-Codex, that is optimized to run on ultra-low latency hardware and can deliver over 1,000 tokens per second.
WinBuzzer

GitHub Agentic Workflows Enter Technical Preview for CI/CD AI

GitHub has launched Agentic Workflows into technical preview, enabling AI agents to automate repository tasks directly inside ...