
SlowMist Team: Coinbase Fell Victim to GitHub Actions CI/CD Supply Chain Attack, Recommends That Enterprises Self-Audit Relevant Risks

2025-03-23 16:04

BlockBeats News, March 23rd: SawWit, founder of SlowMist, stated on social media: "A supply chain attack on Coinbase using the GitHub Actions CI/CD mechanism was, fortunately, not successful. Otherwise, the next security incident to be exposed would have been one targeting Coinbase.

"The supply chain attack path on GitHub: reviewdog/action-setup -> tj-actions/changed-files -> coinbase/agentkit -> stealing GitHub Personal Access Tokens (PATs), cloud service related keys, etc. If a company uses reviewdog or tj-actions, it should conduct a self-inspection."
