The Hacker News

Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories' CI/CD Secrets Exposed

The supply chain attack involving the GitHub Action "tj-actions/changed-files" started as a highly-targeted attack against one of Coinbase's open-source projects, before evolving into something more widespread in scope. "The payload was focused on exploiting the public CI/CD flow of one of their open source projects – agentkit, probably with the purpose of leveraging it for further compromises,"

Mar 23, 2025 - 08:02
 0
Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories' CI/CD Secrets Exposed
The supply chain attack involving the GitHub Action "tj-actions/changed-files" started as a highly-targeted attack against one of Coinbase's open-source projects, before evolving into something more widespread in scope. "The payload was focused on exploiting the public CI/CD flow of one of their open source projects – agentkit, probably with the purpose of leveraging it for further compromises,"
Read More

Tags:

Previous Article

GitHub Supply Chain Breach: Coinbase Attack Exposes 218 Repositories, Leaks CI/C...

Next Article

NASA Considers Eliminating Its Headquarters in Washington D.C.

Related Posts

AI-Powered Deception is a Menace to Our Societies

AI-Powered Deception is a Menace to Our Societies

Feb 21, 2025  0

New TgToxic Banking Trojan Variant Evolves with Anti-Analysis Upgrades

New TgToxic Banking Trojan Variant Evolves with Anti-An...

Feb 27, 2025  0

Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks

Hackers Exploit Paragon Partition Manager Driver Vulner...

Mar 3, 2025  0