A cascading supply chain attack on GitHub that targeted Coinbase in March has now been traced back to a single token stolen from a SpotBugs workflow, which allowed a threat actor to compromise ...
Cryptopolitan on MSN11d
Coinbase fends off targeted GitHub Action attack in early-stage breach attemptAccording to the cybersecurity firms analyzing the incident, the attacker initially tried to compromise the Coinbase ...
The endgame of the recent cascading supply chain attack on GitHub was to breach Coinbase, one of the world’s most popular ...
CVE-2025-30066 supply chain attack compromised tj-actions on March 14, 2025, exposing 218 repositories and leaking credentials.
Researchers from Palo Alto Networks said the hackers likely planned to leverage an open source project of the company for ...
Researchers have determined that Coinbase was the primary target in a recent GitHub Actions cascading supply chain attack that compromised secrets in hundreds of repositories. As previously ...
Proper secrets management could have prevented or reduced the impact of the Oracle Cloud & Coinbase breaches-- learn what ...
"The attacker obtained a GitHub token with write permissions to the coinbase/agentkit repository on March 14, 2025, 15:10 UTC, less than two hours before the larger attack was initiated against tj ...
Coinbase successfully thwarted a supply chain attack targeting its open-source AI toolkit, agentkit. However, Coinbase’s ...
More details have come to light on the recent supply chain attack targeting GitHub Actions, including its root cause.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback