GitHub Supply Chain Breach: Coinbase Attack Exposes 218 Repositories, Leaks CI/CD Secrets

Updated on March 23, 2025

The supply chain attack involving the GitHub Action “tj-actions/changed-files” started as a highly-targeted attack against one of Coinbase’s open-source projects, before evolving into something more widespread in scope.
“The payload was focused on exploiting the public CI/CD flow of one of their open source projects – agentkit, probably with the purpose of leveraging it for further compromises,”…

Read the rest of the story at Read More

Source: The Hacker News

February 11, 2025 Uncategorized

Threat Actors Exploit ClickFix to Deploy...

December 1, 2023 Uncategorized

WhatsApp’s New Secret Code Feature...

April 8, 2025 Uncategorized

GitHub Supply Chain Breach: Coinbase Attack Exposes 218 Repositories, Leaks CI/CD Secrets

Related posts

Threat Actors Exploit ClickFix to Deploy...

WhatsApp’s New Secret Code Feature...

Amazon EC2 SSM Agent Flaw Patched After ...

Leave a Comment Cancel reply

Recent News

Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi

Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed

⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors

Perfection is a Myth. Leverage Isn’t: How Small Teams Can Secure Their Google Workspace

Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data

Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack

Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware

U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems

TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China

How to Automate CVE and Vulnerability Advisory Response with Tines