TheHackersNews
@zmgxukwfarucom
👀 $0 GitHub Action ? $B security nightmare. In Nov 2024, a SpotBugs maintainer accidentally leaked a GitHub access token. ? Attackers exploited it—moving from SpotBugs ? reviewdog ? poisoning tj-actions/changed-files—before striking Coinbase in March 2025. ?? Details https://t.co/lYTurYkQGi
0 reply
0 recast
0 reaction