CISA confirms cascading attack from reviewdog to tj-actions exposed sensitive credentials across 23,000+ repositories.
Current cybersecurity development risk frameworks don’t cover all of the tactics hackers used to compromise SolarWinds, log4j ...
The compromise of GitHub Action tj-actions/changed-files has impacted only a small percentage of the 23,000 projects using it ...
Open source software used by more than 23,000 organizations, some of them in large enterprises, was compromised with ...
Stay informed with the latest in cybersecurity trends, vulnerabilities, and best practices. Don't miss out on this week's ...
A new report out today from software supply chain company JFrog Ltd. warns that an expansion of artificial intelligence ...
A cascading supply chain attack that began with the compromise of the "reviewdog/action-setup@v1" GitHub Action is believed ...
A security researcher has discovered that the websites of over 100 car dealerships have been compromised in a supply-chain ...
A compromise of the popular GitHub Actions tool turned into a massive supply chain attack, at this point thought to be ...
Drawing lessons from the trials of 2025, some of the maturing methodologies behind those very considerable software supply ...
More details have come to light on the recent supply chain attack targeting GitHub Actions, including its root cause.
CVE-2025-30066 supply chain attack compromised tj-actions on March 14, 2025, exposing 218 repositories and leaking credentials.