Current cybersecurity development risk frameworks don’t cover all of the tactics hackers used to compromise SolarWinds, log4j ...

The compromise of GitHub Action tj-actions/changed-files has impacted only a small percentage of the 23,000 projects using it ...

CISA confirms cascading attack from reviewdog to tj-actions exposed sensitive credentials across 23,000+ repositories.

Stay informed with the latest in cybersecurity trends, vulnerabilities, and best practices. Don't miss out on this week's critical updates on patching ...

A cascading supply chain attack that began with the compromise of the "reviewdog/action-setup@v1" GitHub Action is believed ...

CVE-2025-30066 supply chain attack compromised tj-actions on March 14, 2025, exposing 218 repositories and leaking credentials.

A compromise of the popular GitHub Actions tool turned into a massive supply chain attack, at this point thought to be ...

More details have come to light on the recent supply chain attack targeting GitHub Actions, including its root cause.

Recently, Coinbase, the largest cryptocurrency exchange in the United States, successfully navigated a potential supply chain attack targeting its open-source infrastructure. This article will delve ...

A security researcher has discovered that the websites of over 100 car dealerships have been compromised in a supply-chain ...

Malicious campaigns targeting code used by developers of AI applications underscore the need to develop comprehensive ...

The report originated from Unit 42, the threat intelligence division of Palo Alto Networks, which identified that the attacker had specifically targeted ‘agentkit’, an open-source toolkit managed by ...