Coinbase Initially Targeted In Github Actions Supply Chain Attack; 218 Repositories' Ci/cd Secrets Exposed

The proviso concatenation onslaught involving nan GitHub Action "tj-actions/changed-files" started arsenic a highly-targeted onslaught against 1 of Coinbase's open-source projects, earlier evolving into thing much wide successful scope. "The payload was focused connected exploiting nan nationalist CI/CD travel of 1 of their unfastened root projects – agentkit, astir apt pinch nan intent of leveraging it for further compromises,"