Recent GitHub supply chain attack traced to leaked SpotBugs token

A cascading supply chain attack on GitHub that targeted Coinbase in March has now been traced back to a single token stolen from a SpotBugs workflow, which allowed a threat actor to compromise multiple GitHub projects. [...]

https://www.bleepingcomputer.com/news/security/recent-github-supply-chain-attack-traced-to-leaked-spotbugs-token/

Posted from: this blog via Microsoft Power Automate.

Comments

Popular posts from this blog