A cascading supply chain attack on GitHub that targeted Coinbase in March has now been traced back to a single token stolen ...

Coinbase successfully thwarted a supply chain attack targeting its open-source AI toolkit, agentkit. However, Coinbase’s swift response, along with support from security experts, prevented any serious ...

Security experts claim that the publicly listed exchange Coinbase was the primary target in the GitHub Action supply chain attack. According to the cybersecurity firms analyzing the incident ...

Leaked SpotBugs PAT in November 2024 led to a GitHub supply chain attack, compromising Coinbase in March 2025.

Evidence shows a SpotBugs token compromised in December 2024 was used in the March 2025 GitHub Actions supply chain attack.

We know a bit more about the GitHub Actions supply chain attack from last month. Palo Alto’s Unit 42 has been leading the ...

PoisonSeed exploits CRM credentials to spread cryptocurrency seed phrase attacks, risking major wallet compromises.

The stolen funds were swiftly moved across multiple blockchains, significantly complicating efforts to trace and recover them.

Hackers are stealing mailing lists from major companies and using them to break into people’s cryptocurrency wallets and ...

Researchers identified PoisonSeed as the same threat actors behind Troy Hunt’s Mailchimp and Akamai’s SendGrid phishing.