Log In
Get Started Free

cognitive cybersecurity intelligence

News and Analysis

Search

Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories’ CI/CD Secrets Exposed

A supply chain attack resulted in 218 GitHub repositories leaking sensitive information and secrets, according to Palo Alto Networks Unit 42. The breach involved the GitHub Action “tj-actions/changed-files” targeting one of Coinbase’s open-source projects. Although the attacker failed to use Coinbase secrets, they were able to inject code that leaked secrets from repositories using the workflow. The attack initially seemed to have impacted thousands of repositories, but further investigation revealed that the scope was smaller and mostly involved short-lived GITHUB_TOKENs.

Source: thehackernews.com –
 Read more
Linkedin Youtube Facebook Instagram

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts

Identity and Access Management (IAM)

Identity and Access Management (IAM)

CISOs face mounting pressure to secure digital identities, with 80% of breaches stemming from compromised credentials. Identity and Access Management (IAM) must evolve into a

3000 Sand Hill Road, Building 3, Suite 210, 
Menlo Park, CA 94025

Products
Solutions
Healthcare cybersecurity​
Healthcare Threat Intelligence
Use Cases
News and Analysis
Insights
Company

© 2024 HEAL Security, Inc. “Cognitive Cybersecurity Intelligence.” All rights reserved.
3000 Sand Hill Road, Building 3, Suite 210, Menlo Park, CA 94025.
California Consumer: Do Not Sell My Info

Linkedin Youtube Facebook Instagram Soundcloud
Consent Preferences

V2025.04.01