Public secrets exposure leads to supply chain attack on GitHub CodeQL | Dark Hacker News