A supply chain attack resulted in 218 GitHub repositories leaking sensitive information and secrets, according to Palo Alto Networks Unit 42. The breach involved the GitHub Action “tj-actions/changed-files” targeting one of Coinbase’s open-source projects. Although the attacker failed to use Coinbase secrets, they were able to inject code that leaked secrets from repositories using the workflow. The attack initially seemed to have impacted thousands of repositories, but further investigation revealed that the scope was smaller and mostly involved short-lived GITHUB_TOKENs.
M&S issues update as crippling nationwide IT outage still ongoing – The Sun
Marks & Spencer (M&S) halted online orders in the UK and Ireland following a cyber attack, leading to a 5% drop in share price. Physical
