Infosecurity Magazine21h
Tj-actions Supply Chain Attack Traced Back to Single GitHub Token Compromise
The threat actors initially attempted to compromise projects associated with the Coinbase cryptocurrency exchange, said Palo ...
GitHub Action supply chain attack exposed secrets in 218 repos
The compromise of GitHub Action tj-actions/changed-files has impacted only a small percentage of the 23,000 projects using it ...
Bleeping Computer18d
Supply chain attack on popular GitHub Action exposes CI/CD secrets
A supply chain attack on the widely used 'tj-actions/changed-files' GitHub Action, used by 23,000 repositories, potentially allowed threat actors to steal CI/CD ...
GitHub Copilot introduces new limits, charges for ‘premium’ AI models
GitHub Copilot, Microsoft-owned GitHub's AI coding assistant, could soon become costlier for some users, thanks to new limits ...
The Hacker News12d
Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories' CI/CD Secrets Exposed
CVE-2025-30066 supply chain attack compromised tj-actions on March 14, 2025, exposing 218 repositories and leaking credentials.
Hackaday18h
This Week In Security: Target Coinbase, Leaking Call Records, And Microsoft Hotpatching
We know a bit more about the GitHub Actions supply chain attack from last month. Palo Alto’s Unit 42 has been leading the ...
Cryptopolitan on MSN12d
Coinbase fends off targeted GitHub Action attack in early-stage breach attempt
According to the cybersecurity firms analyzing the incident, the attacker initially tried to compromise the Coinbase ...