A cascading supply chain attack on GitHub that targeted Coinbase in March has now been traced back to a single token stolen ...

Leaked SpotBugs PAT in November 2024 led to a GitHub supply chain attack, compromising Coinbase in March 2025.

Coinbase successfully thwarted a supply chain attack targeting its open-source AI toolkit, agentkit. However, Coinbase’s ...

But this mystery isn't over yet, Unit 42 opines That massive GitHub supply chain attack that spilled secrets from countless projects? It traces back to a stolen token from a SpotBugs workflow - ...

Security experts claim that the publicly listed exchange Coinbase was the primary target in the GitHub Action supply chain attack. According to the cybersecurity firms analyzing the incident ...

Evidence shows a SpotBugs token compromised in December 2024 was used in the March 2025 GitHub Actions supply chain attack.

We know a bit more about the GitHub Actions supply chain attack from last month. Palo Alto’s Unit 42 has been leading the ...

PoisonSeed exploits CRM credentials to spread cryptocurrency seed phrase attacks, risking major wallet compromises.

Hackers are stealing mailing lists from major companies and using them to break into people’s cryptocurrency wallets and ...

The stolen funds were swiftly moved across multiple blockchains, significantly complicating efforts to trace and recover them.

Researchers identified PoisonSeed as the same threat actors behind Troy Hunt’s Mailchimp and Akamai’s SendGrid phishing.

While Coinbase doesn’t have a public, set list of criteria for new listings, we’ve selected coins that align with the general factors most exchanges consider. These include market demand, use ...