{"data":{"id":"9161bfad-beae-47d9-80a9-31ec70ff3c0e","title":"GitHub’s public APIs are becoming an enterprise reconnaissance tool","summary":"Attackers are systematically abusing GitHub's public APIs to map organizations, steal source code, and find secrets like API keys and cloud credentials, using a mix of fake dormant accounts and leaked credentials that blend into normal usage patterns. GitHub's public APIs don't require authentication for many operations and don't log geolocation data for external access, making it difficult to detect and stop this reconnaissance activity. The attacks involve automated scanner tools and coordinated networks of fake accounts that operate in short bursts across many organizations.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://www.csoonline.com/article/4194665/githubs-public-apis-are-becoming-an-enterprise-reconnaissance-tool-2.html","publishedAt":"2026-07-08T23:08:07.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"medium","attackType":["supply_chain","data_extraction"],"issueType":"news","affectedPackages":null,"affectedVendors":["HuggingFace"],"affectedVendorsRaw":["GitHub"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-07-08T23:08:07.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"training_data","llmSpecific":false,"classifierConfidence":0.75,"researchCategory":null,"atlasIds":null}}