Actions

Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories’ CI/CD Secrets Exposed

Mar 23, 2025 by iHash Leave a Comment

The supply chain attack involving the GitHub Action "tj-actions/changed-files" started as a highly-targeted attack against one of Coinbase's open-source projects, before evolving into something more widespread in scope. "The payload was focused on exploiting the public CI/CD flow of one of their open source projects – agentkit, probably with the purpose of leveraging it for … [Read more...] about Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories’ CI/CD Secrets Exposed

Cloud-based Cryptocurrency Miners Targeting GitHub Actions and Azure VMs

Jul 11, 2022 by iHash Leave a Comment

GitHub Actions and Azure virtual machines (VMs) are being leveraged for cloud-based cryptocurrency mining, indicating sustained attempts on the part of malicious actors to target cloud resources for illicit purposes. "Attackers can abuse the runners or servers provided by GitHub to run an organization's pipelines and automation by maliciously downloading and installing their … [Read more...] about Cloud-based Cryptocurrency Miners Targeting GitHub Actions and Azure VMs

New Ransomware Variants Flourish Amid Law Enforcement Actions

Dec 24, 2021 by iHash Leave a Comment

Ransomware groups continue to evolve their tactics and techniques to deploy file-encrypting malware on compromised systems, notwithstanding law enforcement's disruptive actions against the cybercrime gangs to prevent them from victimizing additional companies. "Be it due to law enforcement, infighting amongst groups or people abandoning variants altogether, the RaaS … [Read more...] about New Ransomware Variants Flourish Amid Law Enforcement Actions

Cisco Secure Workload Immediate Actions in Response to “SUNBURST” Trojan and Backdoor

Jan 17, 2021 by iHash Leave a Comment

Background The SUNBURST trojan and backdoor, as dubbed by FireEye researchers, that has compromised multiple U.S. Government systems recently, highlights the complexity and connectedness of the modern enterprise IT environment as a security weakness. Recent reporting makes clear that the adversary took advantage of software complexity to deliver a highly refined attack … [Read more...] about Cisco Secure Workload Immediate Actions in Response to “SUNBURST” Trojan and Backdoor

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Smart Tracker Includes Key Ring – Works with Apple Find My App (2-Pack) for $34

Harmony Premium Plan Lifetime Subscription for $99

Lenovo 11.6" 100e Chromebook 2nd Gen (2019) MediaTek MT8173C 4GB RAM 16GB eMMC (Refurbished) for $54

Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories’ CI/CD Secrets Exposed

Cloud-based Cryptocurrency Miners Targeting GitHub Actions and Azure VMs

New Ransomware Variants Flourish Amid Law Enforcement Actions

Cisco Secure Workload Immediate Actions in Response to “SUNBURST” Trojan and Backdoor