Leaked SpotBugs PAT in November 2024 led to a GitHub supply chain attack, compromising Coinbase in March 2025.
Microsoft warns that Chinese cyber-espionage threat group 'Silk Typhoon' has shifted its tactics, now targeting remote management tools and cloud services in supply chain attacks that give them ...
A cascading supply chain attack on GitHub that targeted Coinbase in March has now been traced back to a single token stolen ...
The threat actors initially attempted to compromise projects associated with the Coinbase cryptocurrency exchange, said Palo ...
Drawing lessons from the trials of 2025, some of the maturing methodologies behind those very considerable software supply ...
Oracle Cloud's denial of a digital break-in is now in clear ... cyber-criminals could take that and use it to carry out ...
Evidence shows a SpotBugs token compromised in December 2024 was used in the March 2025 GitHub Actions supply chain attack.
We know a bit more about the GitHub Actions supply chain attack from last month. Palo Alto’s Unit 42 has been leading the ...
Oracle has denied claims that its cloud systems were involved in a data breach, despite a threat actor posting samples of ...
A potential supply chain attack on GitHub CodeQL started simply: a publicly exposed secret, valid for 1.022 seconds at a time. In that second, an attacker could take a series of steps that would allow ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback