GitHub Actions Supply Chain Attack: A Targeted Attack on Coinbase Expanded to the Widespread tj-actions/changed-files Incident: Threat Assessment (Updated 4/2)

A compromise of the GitHub action tj-actions/changed-files highlights how attackers could exploit vulnerabilities in third-party actions to compromise supply chains. A compromise of the GitHub action tj-actions/changed-files highlights how attackers could exploit vulnerabilities in third-party acti…
unit42.paloaltonetworks.com unit42.paloaltonetworks.com