Attack on Coinbase Expanded to the Widespread tj-actions/changed-files Incident

The <i>Update: April 2, 2025</i> <a href="https:&#x2F;&#x2F;unit42.paloaltonetworks.com&#x2F;github-actions-supply-chain-attack&#x2F;#update-4-2-25" rel="nofollow">https:&#x2F;&#x2F;unit42.paloaltonetworks.com&#x2F;github-actions-supply-ch...</a> section is interesting (the plot thickens)

I&#x27;m so glad someone dug into this properly after the tj-actions maintainer started locking threads and refusing to look into how the PAT was leaked.<p><a href="https:&#x2F;&#x2F;github.com&#x2F;tj-actions&#x2F;changed-files&#x2F;issues&#x2F;2464#issuecomment-2727130040">https:&#x2F;&#x2F;github.com&#x2F;tj-actions&#x2F;changed-files&#x2F;issues&#x2F;2464#issu...</a>