SlowMist: Coinbase suffered a supply chain attack through its GitHub Actions CI/CD mechanism; companies advised to self-check related risks

2025-03-23 16:07:55

ChainCatcher news: Cosine of SlowMist posted on X that a supply chain attack on Coinbase was carried out through the GitHub Actions CI/CD mechanism. Fortunately, it did not go on to succeed; otherwise, the next security incident to be exposed would have been Coinbase's. The supply chain attack path on GitHub was: reviewdog/action-setup -> tj-actions/changed-files -> coinbase/agentkit -> theft of GitHub Personal Access Tokens (PATs), cloud service-related keys, etc. Cosine suggests that companies using reviewdog or tj-actions conduct a self-check.
