// token type
GitHub App Token leaks
Indexed incidents that exposed GitHub App Token. Sorted by disclosure date.
2 incidents indexed
- ·CRITICAL9.4·confirmed
AntV npm Account Compromise: Mini Shai-Hulud Wave Hits 323 Packages (May 2026)
On 2026-05-19 the @antv npm publisher session was used to ship 639 malicious versions across 323 packages, the Mini Shai-Hulud campaign now totals 1,055 versions across 502 packages.
vector / npm supply chainplatforms / npm, GitHub, AWS, +2read / 22 min - ·CRITICAL9.5·confirmed
Mini Shai-Hulud npm Worm: TanStack, UiPath, Mistral AI and 169 Packages Compromised (May 2026)
npm worm hit 373 versions across 169 packages (@tanstack, @squawk, @uipath, mistralai) via trusted-publishing OIDC abuse and a prepare-script git dep that exfiltrates cloud and registry secrets at install.
vector / npm supply chainplatforms / npm, GitHub, AWSread / 10 min